FSTC: Dynamic Category Adaptation for Encrypted Network Traffic Classification

Edutech Pub Date : 2023-06-12 DOI:10.23919/IFIPNetworking57963.2023.10186403

Navid Malekghaini, Hauton Tsang, M. A. Salahuddin, Noura Limam, R. Boutaba

{"title":"FSTC: Dynamic Category Adaptation for Encrypted Network Traffic Classification","authors":"Navid Malekghaini, Hauton Tsang, M. A. Salahuddin, Noura Limam, R. Boutaba","doi":"10.23919/IFIPNetworking57963.2023.10186403","DOIUrl":null,"url":null,"abstract":"With the advancement in security and privacy on the Internet, network traffic has become increasingly difficult to classify. Current deep learning (DL)-based encrypted network traffic classification approaches rely on protocol-specific features (e.g., TLS headers) and/or assume that the classification categories (i.e., applications) remain constant over time. However, both the encryption protocols and applications continue to evolve. Therefore, DL models must be retrained from scratch for newer encryption protocols or applications, which makes existing approaches intractable in practice. In this paper, we propose novel Transfer Learning (TL) approaches for introducing new traffic classes to DL models without retraining them from scratch. We also propose a framework named FSTC, which leverages Active Learning (AL) to achieve human-assisted TL for new traffic classes and minimizes the labeled data needed for encrypted network traffic classification. We evaluate our TL and AL approaches using protocol-agnostic features from the publicly available ISCXVPN2016 and QUIC datasets. To the best of our knowledge, neither proposal has been explored before in the existing literature.","PeriodicalId":31737,"journal":{"name":"Edutech","volume":"9 1","pages":"1-9"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Edutech","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/IFIPNetworking57963.2023.10186403","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

With the advancement in security and privacy on the Internet, network traffic has become increasingly difficult to classify. Current deep learning (DL)-based encrypted network traffic classification approaches rely on protocol-specific features (e.g., TLS headers) and/or assume that the classification categories (i.e., applications) remain constant over time. However, both the encryption protocols and applications continue to evolve. Therefore, DL models must be retrained from scratch for newer encryption protocols or applications, which makes existing approaches intractable in practice. In this paper, we propose novel Transfer Learning (TL) approaches for introducing new traffic classes to DL models without retraining them from scratch. We also propose a framework named FSTC, which leverages Active Learning (AL) to achieve human-assisted TL for new traffic classes and minimizes the labeled data needed for encrypted network traffic classification. We evaluate our TL and AL approaches using protocol-agnostic features from the publicly available ISCXVPN2016 and QUIC datasets. To the best of our knowledge, neither proposal has been explored before in the existing literature.

查看原文本刊更多论文

FSTC:动态类别自适应加密网络流分类

随着互联网安全性和隐私性的提高，网络流量的分类变得越来越困难。当前基于深度学习(DL)的加密网络流量分类方法依赖于协议特定的功能(例如，TLS标头)和/或假设分类类别(即应用程序)随时间保持不变。然而，加密协议和应用程序都在不断发展。因此，对于新的加密协议或应用程序，必须从头开始重新训练DL模型，这使得现有方法在实践中变得难以处理。在本文中，我们提出了新的迁移学习(TL)方法，用于将新的流量类引入深度学习模型，而无需从头开始重新训练它们。我们还提出了一个名为FSTC的框架，它利用主动学习(AL)来实现对新流量类的人工辅助TL，并最大限度地减少加密网络流量分类所需的标记数据。我们使用来自公开可用的ISCXVPN2016和QUIC数据集的协议无关特性来评估我们的TL和AL方法。据我们所知，在现有的文献中，这两种建议都没有被探讨过。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Edutech

自引率

0.00%

发文量

审稿时长

4 weeks