Skip to main content
SpringerLink
Log in
Book cover

International Conference of Pioneering Computer Scientists, Engineers and Educators

ICPCSEE 2019: Data Science pp 528–544Cite as

Classification Method of Encrypted Traffic Based on Deep Neural Network

  • Conference paper
  • First Online:

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1059))

Abstract

With the widespread use of network traffic encryption technology, the traditional traffic classification method has gradually become invalid, which increases the difficulty of network management and poses a serious threat to network security. This paper analyzes the traffic encrypted and transmitted by VPN and explores its classification method. By extracting the timing characteristics of the encrypted traffic, the classification model of the deep neural network was used to classify the traffic of seven different categories in the encrypted traffic, and compared with the commonly used naive Bayesian classification algorithm. At the same time, the batch size that affects the training of deep neural network models was studied. Experiments show that the classification ability of encrypted traffic classification model based on deep neural network is much better than the naive Bayesian method. During training, the batch size has different effects on the deep neural network model. When the batch size is 40, the deep neural network model has the best classification ability.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Korczynski, M., Duda, A.: Markov chain finger printing to classify encrypted traffic. In: 2014 Proceedings of IEEE INFOCOM, pp. 781–789 (2014)

    Google Scholar 

  2. Shen, M., Wei, M., Zhu, L., Wang, M.: Classification of encrypted traffic with second-order Markov chains and application attribute bigrams. IEEE Trans. Inf. Forensics Secur. 12(8), 1830–1843 (2017)

    Article  Google Scholar 

  3. Zhang, Z., Li, J., Manikopoulos, C.N., Jorgenson, J., Ucles, J.: HIDE: a hierarchical network intrusion detection system using statistical pre-processing and neural network classification. In: Proceedings of IEEE Workshop on Information Assurance and Security, pp. 85–90 (2001)

    Google Scholar 

  4. Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 43–48 (2017)

    Google Scholar 

  5. Lotfollahi, M., Zade, R.S.H., Siavoshani, M.J., Saberian, M.: Deep packet: a novel approach for encrypted traffic classification using deep learning. arXiv preprint arXiv:1709.02656 (2017)

  6. Li, W., Moore, A.W.: A machine learning approach for efficient traffic classification. In: 15th International Symposium on Modelling, Analysis, and Simulation of Computer and Telecommunication Systems, pp. 310–317. IEEE (2007)

    Google Scholar 

  7. Sun, R., Yang, B., Peng, L., Chen, Z., Zhang, L., Jing, S.: Traffic classification using probabilistic neural networks. In: 2010 Sixth International Conference on Natural Computation, vol. 4, pp. 1914–1919. IEEE (2010)

    Google Scholar 

  8. Anderson, B., Mcgrew, D.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: The ACM SIGKDD International Conference, pp. 1723–1732. ACM (2017)

    Google Scholar 

  9. Sherry, J., Lan, C., Popa, R.A., Ratnasamy, S.: Blind-box: deep packet inspection over encrypted traffic. ACM SIGCOMM Comput. Commun. Rev. 45(4), 213–226 (2015)

    Article  Google Scholar 

  10. Draper-Gil, G., Lashkari, A.H., Mamun, M.S.I., Ghorbani, A.A.: Characterization of encrypted and VPN traffic using time-related features. In: The International Conference on Information Systems Security and Privacy, pp. 94–98 (2016)

    Google Scholar 

  11. Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117 (2015)

    Article  Google Scholar 

  12. Goyal, P., et al.: Accurate, large mini-batch SGD: training ImageNet in 1 hour. arXiv preprint arXiv:1706.02677 (2017)

  13. Liu, Y., Chen, J., Chang, P., Yun, X.: A novel algorithm for encrypted traffic classification based on sliding window of flow’s first N packets. In: 2017 2nd IEEE International Conference on Computational Intelligence and Applications (ICCIA), Beijing, China, 8–11 September 2017, pp. 463–470 (2017)

    Google Scholar 

  14. Wang, P., Ye, F., Chen, X., Qian, Y.: DataNet: deep learning based encrypted network traffic classification in SDN home gateway. IEEE Access 6, 55380–55391 (2018)

    Article  Google Scholar 

  15. Wang, W., Zhu, M., Wang, J., Zeng, X., Yang, Z.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 22–24 July 2017, Beijing, China, pp. 43–48 (2017)

    Google Scholar 

  16. Aceto, G., Ciuonzo, D., Montieri, A., Pescapé, A.: Mobile encrypted traffic classification using deep learning. In: 2018 Network Traffic Measurement and Analysis Conference (TMA), Vienna, Australia, 26–29 June 2018, pp. 1–8 (2018)

    Google Scholar 

  17. Pan, W., Cheng, G., Tang, Y.: WENC: HTTPS encrypted traffic classification using weighted ensemble learning and Markov chain. In: 2017 IEEE Trustcom/BigDataSE/ICESS, Sydney, NSW, Australia, 1–4 August 2017, pp. 1723–1732 (2017)

    Google Scholar 

  18. Cireşan, D., Meier, U., Masci, J., Schmidhuber, J.: Multi-column deep neural network for traffic sign classification. Neural Netw. 32, 333–338 (2012)

    Article  Google Scholar 

  19. Nascimento, Z., Sadok, D., Fernandes, S., Kelner, J.: Multi-objective optimization of a hybrid model for network traffic classification by combining machine learning techniques. In: 2014 International Joint Conference on Neural Networks (IJCNN), Beijing, China, 6–11 July 2014, pp. 2116–2122 (2014)

    Google Scholar 

  20. ISCX. https://www.unb.ca/cic/datasets/vpn.html. Accessed 10 Mar 2019

  21. Sun, G., Chen, T., Su, Y., Li, C.: Internet traffic classification based on incremental support vector machines. Mob. Netw. Appl. 23(4), 789–796 (2018)

    Article  Google Scholar 

  22. He, Z.B., Cai, Z.P., Han, Q.L., Tong, W.T., Sun, L.M., Li, Y.S.: An energy efficient privacy-preserving content sharing scheme in mobile social networks. Pers. Ubiquit. Comput. 20(5), 833–846 (2016)

    Article  Google Scholar 

  23. Sun, G., Dong, H., Li, A., Xiao, F.: NTCA: a high-performance network traffic classification architecture. Int. J. Future Gener. Commun. Netw. 6(5), 11–20 (2013)

    Article  Google Scholar 

  24. Ding, X.O., Wang, H.Z., Gao, Y.T., Li, J.Z., Gao, H.: Efficient currency determination algorithms for dynamic data. Tsinghua Sci. Technol. 22(3), 227–242 (2017)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China (No. 61772377, 91746206), the Natural Science Foundation of Hubei Province of China (No. 2017CFA007), Science and Technology planning project of ShenZhen (JCYJ20170818112550194), and Fund of Hubei Key Laboratory of Transportation Internet of Things (WHUTIOT-2017A0011).

Author information

Authors and Affiliations

  1. School of Computer Science, Wuhan University, Wuhan, 430072, China

    Jing Wan, Libing Wu, Youhua Xia, Jianzong Hu, Zhenchang Xia, Rui Zhang & Min Wang

Authors
  1. Jing Wan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Libing Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Youhua Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jianzong Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zhenchang Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Rui Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Min Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Youhua Xia .

Editor information

Editors and Affiliations

  1. College of Computer Science and Software Engineering, Shenzhen University, Shenzhen, China

    Rui Mao

  2. Harbin Institute of Technology, Harbin, China

    Hongzhi Wang

  3. Guilin University of Technology, Guilin, China

    Xiaolan Xie

  4. National Academy of Guo Ding Institute of Data Science, Harbin, China

    Zeguang Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wan, J. et al. (2019). Classification Method of Encrypted Traffic Based on Deep Neural Network. In: Mao, R., Wang, H., Xie, X., Lu, Z. (eds) Data Science. ICPCSEE 2019. Communications in Computer and Information Science, vol 1059. Springer, Singapore. https://doi.org/10.1007/978-981-15-0121-0_41

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-0121-0_41

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0120-3

  • Online ISBN: 978-981-15-0121-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation