An Encrypted Traffic Identification Scheme Based on the Multilevel Structure and Variational Automatic Encoder

With the rapid growth of the encrypted network traffic, the identification to it becomes a hot topic in information security. Since the existing methods have difficulties in identifying the application which the encrypted traffic belongs to, a new encrypted traffic identification scheme is proposed in this paper. The proposed scheme has two levels. In the first level, the entropy and estimation of Monte Carlo π value as features are used to identify the encrypted traffic by C4.5 decision tree. In the second level, the application types are distinguished from the encrypted traffic selected above. First, the variational automatic encoder is used to extract the layer features, which is combined with the frequently-used stream features. Meanwhile, the mutual information is used to reduce the dimensionality of the combination features. Finally, the random forest classifier is used to obtain the optimal result. Compared with the existing methods, the experimental results show that the proposed scheme not only has faster convergence speed but also achieves better performance in the recognition accuracy, recall rate, and F1-Measure, which is higher than 97%.

Download Full-text

A Fingerprint Enhancement and Second-Order Markov Chain Based Malicious Encrypted Traffic Identification Scheme

Proceedings of the 2020 6th International Conference on Computing and Artificial Intelligence ◽

10.1145/3404555.3404590 ◽

2020 ◽

Author(s):

Daichong Chao

Keyword(s):

Markov Chain ◽

Second Order ◽

Identification Scheme ◽

Traffic Identification ◽

Fingerprint Enhancement ◽

Order Markov Chain ◽

Encrypted Traffic

Download Full-text

Learning from imbalanced data for encrypted traffic identification problem

Proceedings of the Seventh Symposium on Information and Communication Technology - SoICT '16 ◽

10.1145/3011077.3011132 ◽

2016 ◽

Cited By ~ 5

Author(s):

Ly Vu ◽

Dong Van Tra ◽

Quang Uy Nguyen

Keyword(s):

Imbalanced Data ◽

Identification Problem ◽

Traffic Identification ◽

Encrypted Traffic

Download Full-text

An Investigation of Multi-objective Genetic Algorithms for Encrypted Traffic Identification

Advances in Intelligent and Soft Computing - Computational Intelligence in Security for Information Systems ◽

10.1007/978-3-642-04091-7_12 ◽

2009 ◽

pp. 93-100 ◽

Cited By ~ 4

Author(s):

Carlos Bacquet ◽

A. Nur Zincir-Heywood ◽

Malcolm I. Heywood

Keyword(s):

Genetic Algorithms ◽

Traffic Identification ◽

Multi Objective ◽

Encrypted Traffic

Download Full-text

An analysis of clustering objectives for feature selection applied to encrypted traffic identification

IEEE Congress on Evolutionary Computation ◽

10.1109/cec.2010.5586163 ◽

2010 ◽

Cited By ~ 1

Author(s):

Carlos Bacquet ◽

Nur A. Zincir-Heywood ◽

Malcolm I. Heywood

Keyword(s):

Feature Selection ◽

Traffic Identification ◽

Encrypted Traffic

Download Full-text

Generalization of signatures for SSH encrypted traffic identification

2009 IEEE Symposium on Computational Intelligence in Cyber Security ◽

10.1109/cicybs.2009.4925105 ◽

2009 ◽

Cited By ~ 18

Author(s):

Riyad Alshammari ◽

Nur Zincir-Heywood

Keyword(s):

Traffic Identification ◽

Encrypted Traffic

Download Full-text

IMPLEMENTASI MONTE CARLO TREE SEARCH PADA PERMAINAN KARTU “DAIFUGO”

Jurnal Informatika ◽

10.21460/inf.2015.111.424 ◽

2015 ◽

Vol 11 (1) ◽

Author(s):

Eunike Thirza Hanitya Christian ◽

R. Gunawan Santoso ◽

Erick Purwanto

Keyword(s):

Monte Carlo ◽

Tree Search ◽

Card Game ◽

Optimal Result ◽

Monte Carlo Tree Search ◽

Random Simulation ◽

Simulation Monte Carlo ◽

Step Selection

Daifugo is climbing card game that is originated from Japan. AI player of Daifugo card game can be implemented using Monte Carlo Tree Search to get optimal result from random simulation. Monte Carlo Tree Search has 4 step, selection, expansion, simulation and backpropagation that is executed until maximal loop is reached. Objective of using Monte Carlo Tree Search on AI player in Daifugo card game is to get move with high winning rate and to observe the effect of number of loop on the method to winning rate

Download Full-text

A Method for TLS Malicious Traffic Identification Based on Machine Learning

Advances in Science and Technology ◽

10.4028/www.scientific.net/ast.105.291 ◽

2021 ◽

Vol 105 ◽

pp. 291-301

Author(s):

Wei Wang ◽

Cheng Sheng Sun ◽

Jia Ning Ye

Keyword(s):

Feature Extraction ◽

Relevant Information ◽

Extraction Process ◽

Identification Accuracy ◽

Security And Privacy ◽

Feature Extraction Method ◽

Traffic Identification ◽

Work Related ◽

Encrypted Traffic ◽

Network Security Management

With more and more malicious traffic using TLS protocol encryption, efficient identification of TLS malicious traffic has become an increasingly important task in network security management in order to ensure communication security and privacy. Most of the traditional traffic identification methods on TLS malicious encryption only adopt the common characteristics of ordinary traffic, which results in the increase of coupling among features and then the low identification accuracy. In addition, most of the previous work related to malicious traffic identification extracted features directly from the data flow without recording the extraction process, making it difficult for subsequent traceability. Therefore, this paper implements an efficient feature extraction method with structural correlation for TLS malicious encrypted traffic. The traffic feature extraction process is logged in modules, and the index is used to establish relevant information links, so as to analyse the context and facilitate subsequent feature analysis and problem traceability. Finally, Random Forest is used to realize efficient TLS malicious traffic identification with an accuracy of up to 99.38%.

Download Full-text