Abstract:
Machine learning is increasingly applied to network traffic analysis to aid in tasks such as quality of service management, trend monitoring, and security. Recent advance...Show MoreMetadata
Abstract:
Machine learning is increasingly applied to network traffic analysis to aid in tasks such as quality of service management, trend monitoring, and security. Recent advances in deep learning have enabled not only the classification of encrypted transits, but classification on a per-packet level. End-to-end deep learning models are becoming increasingly ubiq-uitous given their ease of use, i.e., developers do not need to engineer features, and their apparent versatility. However, deep learning entails black-box models that hinder the capability to debug and explain classifications. Moreover, the computational complexity of deep learning can incur unnecessary latency, which is problematic for real-time classification needs. In this paper, we propose a methodology to interpret black-box, deep learning-based encrypted network traffic classification models, with an attempt to understand the dominant features a classifier is focusing on for a given task. We evaluate our approach on state-of-the-art deep learning classification techniques for encrypted per-packet classification and demonstrate how interpretability can be used to debug and improve the training pipeline while significantly reducing the size of the deep learning model. We propose future directions toward optimizing model performance while maintaining explainability.
Date of Conference: 18-20 July 2022
Date Added to IEEE Xplore: 26 September 2022
ISBN Information: