ABSTRACT
Today's Internet carries all kinds of normal and malicious traffic, and identifying the feature categories of malicious traffic plays a crucial role in network management and security. With the rapid growth of modern Internet traffic, classical machine learning methods are limited in efficiency and functionality and are no longer sufficient to deal with large and complex network traffic. We therefore propose a traffic identification method based on a convolutional neural network. First, the full traffic dataset used for testing is preprocessed with one-hot encoding. Second, a convolutional neural network model is built for testing, and a softmax classifier is used to detect and classify normal traffic and the various kinds of malicious traffic. Finally, the classification results for each traffic type are obtained. Experimental tests on the publicly available dataset show that the detection accuracy for malicious traffic is close to 99%, and the loss value is less than 1%.