Reliable Open-Set Network Traffic Classification
Authors: Xueman Wang; Yipeng Wang; Yingxu Lai; Zhiyu Hao; Alex X. Liu
Journal: IEEE Transactions on Information Forensics and Security, vol. 20, pp. 2313-2328
Publication date: 2025-02-24
Publication type: Journal Article
DOI: 10.1109/TIFS.2025.3544067
URL: https://ieeexplore.ieee.org/document/10900396/
Impact factor (PeriodicalIF): 6.3
JCR: Q1 (Computer Science, Theory & Methods)
Citations: 0
Abstract
The widespread use of modern network communications necessitates effective resource control and management in TCP/IP networks. However, most existing network traffic classification methods are limited to labeled known classes and struggle to handle open-set scenarios, where known classes coexist with significant volumes of unknown classes of traffic. To solve this problem more accurately and reliably, we propose RoNeTC. This method achieves high-precision classification by enhancing feature extraction and quantifying the reliability of classification decisions through uncertainty estimation. For feature extraction, we divide each packet of a flow into three views for parallel training, integrating both local and global feature representations across multiple packets to enhance accuracy. We devise a second-order classification probability to quantify the reliability of the classifier’s results and to visualize the reliability of open-set flow classification in terms of uncertainty. Additionally, we dynamically fuse classification decisions from multiple views, evaluating decision uncertainty to classify known and unknown flows and ensure robust, reliable results. We compare RoNeTC with four state-of-the-art (SOTA) methods in six open-set scenarios. RoNeTC outperforms the other methods by an average of 25.94% in F1 across all open-set scenarios, indicating its superior performance in open-set network traffic classification.
About the journal:
The IEEE Transactions on Information Forensics and Security covers the sciences, technologies, and applications relating to information forensics, information security, biometrics, surveillance and systems applications that incorporate these features.