Deep Learning for Network Traffic Classification

• URL: http://arxiv.org/abs/2106.12693v1
• Date: Wed, 2 Jun 2021 04:11:32 GMT
• Title: Deep Learning for Network Traffic Classification
• Authors: Niloofar Bayat and Weston Jackson and Derrick Liu
• Abstract summary: Monitoring network traffic to identify content, services, and applications is an active research topic in network traffic control systems. Previous work has identified machine learning methods that may enable application and service identification. We propose a classification technique using an ensemble of deep learning architectures on packet, payload, and inter-arrival time sequences.
• Score: 0.0
• License: http://creativecommons.org/publicdomain/zero/1.0/
• Abstract: Monitoring network traffic to identify content, services, and applications is an active research topic in network traffic control systems. While modern firewalls provide the capability to decrypt packets, this is not appealing for privacy advocates. Hence, identifying any information from encrypted traffic is a challenging task. Nonetheless, previous work has identified machine learning methods that may enable application and service identification. The process involves high level feature extraction from network packet data then training a robust machine learning classifier for traffic identification. We propose a classification technique using an ensemble of deep learning architectures on packet, payload, and inter-arrival time sequences. To our knowledge, this is the first time such deep learning architectures have been applied to the Server Name Indication (SNI) classification problem. Our ensemble model beats the state of the art machine learning methods and our up-to-date model can be found on github: \url{https://github.com/niloofarbayat/NetworkClassification}

Related papers

• NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
  We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records. We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
  arXiv  Detail & Related papers  (2024-12-30T00:47:49Z)
• MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
  Classifying traffic is essential for detecting security threats and optimizing network management. We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships. MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
  arXiv  Detail & Related papers  (2024-12-19T12:52:53Z)
• Deep Internal Learning: Deep Learning from a Single Input [88.59966585422914]
  In many cases there is value in training a network just from the input at hand. This is particularly relevant in many signal and image processing problems where training data is scarce and diversity is large. This survey paper aims at covering deep internal-learning techniques that have been proposed in the past few years for these two important directions.
  arXiv  Detail & Related papers  (2023-12-12T16:48:53Z)
• Many or Few Samples? Comparing Transfer, Contrastive and Meta-Learning in Encrypted Traffic Classification [68.19713459228369]
  We compare transfer learning, meta-learning and contrastive learning against reference Machine Learning (ML) tree-based and monolithic DL models. We show that (i) using large datasets we can obtain more general representations, (ii) contrastive learning is the best methodology. While ML tree-based cannot handle large tasks but fits well small tasks, by means of reusing learned representations, DL methods are reaching tree-based models performance also for small tasks.
  arXiv  Detail & Related papers  (2023-05-21T11:20:49Z)
• Feature Mining for Encrypted Malicious Traffic Detection with Deep Learning and Other Machine Learning Algorithms [7.404682407709988]
  The popularity of encryption mechanisms poses a great challenge to malicious traffic detection. Traditional detection techniques cannot work without the decryption of encrypted traffic. In this paper, we provide an in-depth analysis of traffic features and compare different state-of-the-art traffic feature creation approaches. We propose a novel concept for encrypted traffic feature which is specifically designed for encrypted malicious traffic analysis.
  arXiv  Detail & Related papers  (2023-04-07T15:25:36Z)
• Visualization Of Class Activation Maps To Explain AI Classification Of Network Packet Captures [0.0]
  The number of connections and the addition of new applications in our networks causes a vast amount of log data. Deep learning methods provide both feature extraction and classification from data in a single system. We present a visual interactive tool that combines the classification of network data with an explanation technique to form an interface between experts, algorithms, and data.
  arXiv  Detail & Related papers  (2022-09-05T16:34:43Z)
• ALBench: A Framework for Evaluating Active Learning in Object Detection [102.81795062493536]
  This paper contributes an active learning benchmark framework named as ALBench for evaluating active learning in object detection. Developed on an automatic deep model training system, this ALBench framework is easy-to-use, compatible with different active learning algorithms, and ensures the same training and testing protocols.
  arXiv  Detail & Related papers  (2022-07-27T07:46:23Z)
• Fine-grained TLS Services Classification with Reject Option [0.0]
  This paper focuses on collecting a large up-to-date dataset with almost 200 fine-grained service labels and 140 million network flows extended with packet-level metadata. The number of flows is three orders of magnitude higher than in other existing public labeled datasets of encrypted traffic. The published dataset is intended as a benchmark for identifying services in encrypted traffic.
  arXiv  Detail & Related papers  (2022-02-24T09:44:12Z)
• Intrusion detection in computer systems by using artificial neural networks with Deep Learning approaches [0.0]
  Intrusion detection into computer networks has become one of the most important issues in cybersecurity. This paper focuses on the design and implementation of an intrusion detection system based on Deep Learning architectures.
  arXiv  Detail & Related papers  (2020-12-15T19:12:23Z)
• A Survey of Deep Learning for Data Caching in Edge Network [1.9798034349981157]
  This paper summarizes the utilization of deep learning for data caching in edge network. We first outline the typical research topics in content caching and formulate a taxonomy based on network hierarchical structure. Then, a number of key types of deep learning algorithms are presented, ranging from supervised learning to unsupervised learning as well as reinforcement learning.
  arXiv  Detail & Related papers  (2020-08-17T12:02:32Z)
• A Privacy-Preserving Distributed Architecture for Deep-Learning-as-a-Service [68.84245063902908]
  This paper introduces a novel distributed architecture for deep-learning-as-a-service. It is able to preserve the user sensitive data while providing Cloud-based machine and deep learning services.
  arXiv  Detail & Related papers  (2020-03-30T15:12:03Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.