Application-layer Characterization and Traffic Analysis for Encrypted QUIC Transport Protocol

• URL: http://arxiv.org/abs/2310.10676v1
• Date: Tue, 10 Oct 2023 20:09:46 GMT
• Title: Application-layer Characterization and Traffic Analysis for Encrypted QUIC Transport Protocol
• Authors: Qianqian Zhang, Chi-Jiun Su,
• Abstract summary: We propose a novel rule-based approach to estimate the application-level traffic attributes without decrypting QUIC packets. Based on the size, timing, and direction information, our proposed algorithm analyzes the associated network traffic. The inferred HTTP attributes can be used to evaluate the QoE of application-layer services and identify the service categories for traffic classification in the encrypted QUIC connections.
• Score: 14.40132345175898
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Quick UDP Internet Connection (QUIC) is an emerging end-to-end encrypted, transport-layer protocol, which has been increasingly adopted by popular web services to improve communication security and quality of experience (QoE) towards end-users. However, this tendency makes the traffic analysis more challenging, given the limited information in the QUIC packet header and full encryption on the payload. To address this challenge, a novel rule-based approach is proposed to estimate the application-level traffic attributes without decrypting QUIC packets. Based on the size, timing, and direction information, our proposed algorithm analyzes the associated network traffic to infer the identity of each HTTP request and response pair, as well as the multiplexing feature in each QUIC connection. The inferred HTTP attributes can be used to evaluate the QoE of application-layer services and identify the service categories for traffic classification in the encrypted QUIC connections.

Related papers

• Estimating the Number of HTTP/3 Responses in QUIC Using Deep Learning [7.795761092358769]
  This paper proposes a novel solution for estimating the number of HTTP/3 responses in a given QUIC connection by an observer. The proposed scheme transforms QUIC connection traces into a sequence of images and trains machine learning (ML) models to predict the number of responses. The scheme achieves up to 97% cumulative accuracy in both known and unknown web server settings and 92% accuracy in estimating the total number of responses in unseen QUIC traces.
  arXiv  Detail & Related papers  (2024-10-08T15:40:22Z)
• Exploring QUIC Dynamics: A Large-Scale Dataset for Encrypted Traffic Analysis [7.795761092358769]
  We introduce VisQUIC, a labeled dataset comprising over 100,000 QUIC traces from more than 44,000 websites (URLs) These traces provide the foundation for generating more than seven million images, with parameters of window length, pixel resolution, normalization, and labels. To illustrate the dataset's potential, we offer a use-case example of an observer estimating the number of HTTP/3 responses/requests pairs in a given QUIC.
  arXiv  Detail & Related papers  (2024-09-30T10:50:12Z)
• Lens: A Foundation Model for Network Traffic [19.3652490585798]
  Lens is a foundation model for network traffic that leverages the T5 architecture to learn the pre-trained representations from large-scale unlabeled data. We design a novel loss that combines three distinct tasks: Masked Span Prediction (MSP), Packet Order Prediction (POP), and Homologous Traffic Prediction (HTP)
  arXiv  Detail & Related papers  (2024-02-06T02:45:13Z)
• Matching Game for Optimized Association in Quantum Communication Networks [65.16483325184237]
  This paper proposes a swap-stable request-QS association algorithm for quantum switches. It achieves a near-optimal (within 5%) performance in terms of the percentage of served requests. It is shown to be scalable and maintain its near-optimal performance even when the size of the QCN increases.
  arXiv  Detail & Related papers  (2023-05-22T03:39:18Z)
• Optimization of Image Transmission in a Cooperative Semantic Communication Networks [68.2233384648671]
  A semantic communication framework for image transmission is developed. Servers cooperatively transmit images to a set of users utilizing semantic communication techniques. A multimodal metric is proposed to measure the correlation between the extracted semantic information and the original image.
  arXiv  Detail & Related papers  (2023-01-01T15:59:13Z)
• Utilizing Background Knowledge for Robust Reasoning over Traffic Situations [63.45021731775964]
  We focus on a complementary research aspect of Intelligent Transportation: traffic understanding. We scope our study to text-based methods and datasets given the abundant commonsense knowledge. We adopt three knowledge-driven approaches for zero-shot QA over traffic situations.
  arXiv  Detail & Related papers  (2022-12-04T09:17:24Z)
• Multi-view Multi-label Anomaly Network Traffic Classification based on MLP-Mixer Neural Network [55.21501819988941]
  Existing network traffic classification based on convolutional neural networks (CNNs) often emphasizes local patterns of traffic data while ignoring global information associations. We propose an end-to-end network traffic classification method.
  arXiv  Detail & Related papers  (2022-10-30T01:52:05Z)
• Federated Semi-Supervised Classification of Multimedia Flows for 3D Networks [0.16799377888527683]
  Traffic classification is crucial for traffic shaping, network slicing, and Quality of Service (QoS) management. 3D networks offer multiple routes that can guarantee different levels of anomaly detection. In this paper, a cooperative feature selection and feature reduction learning scheme is proposed to classify network traffic in a semi-supervised manner.
  arXiv  Detail & Related papers  (2022-05-01T20:18:07Z)
• AI-aided Traffic Control Scheme for M2M Communications in the Internet of Vehicles [61.21359293642559]
  The dynamics of traffic and the heterogeneous requirements of different IoV applications are not considered in most existing studies. We consider a hybrid traffic control scheme and use proximal policy optimization (PPO) method to tackle it.
  arXiv  Detail & Related papers  (2022-03-05T10:54:05Z)
• FENXI: Deep-learning Traffic Analytics at the Edge [69.34903175081284]
  We present FENXI, a system to run complex analytics by leveraging TPU. FENXI decouples operations and traffic analytics which operates at different granularities. Our analysis shows that FENXI can sustain forwarding line rate traffic processing requiring only limited resources.
  arXiv  Detail & Related papers  (2021-05-25T08:02:44Z)
• Website fingerprinting on early QUIC traffic [12.18618920843956]
  We study the vulnerabilities of GQUIC, IQUIC, and HTTPS to WFP attacks from the perspective of traffic analysis. GQUIC is the most vulnerable to WFP attacks among GQUIC, IQUIC, and HTTPS, while IQUIC is more vulnerable than HTTPS, but the vulnerability of the three protocols is similar in the normal full traffic scenario.
  arXiv  Detail & Related papers  (2021-01-28T08:53:51Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.