Estimating the Number of HTTP/3 Responses in QUIC Using Deep Learning

• URL: http://arxiv.org/abs/2410.06140v2
• Date: Wed, 11 Dec 2024 16:59:51 GMT
• Title: Estimating the Number of HTTP/3 Responses in QUIC Using Deep Learning
• Authors: Barak Gahtan, Robert J. Shahla, Reuven Cohen, Alex M. Bronstein,
• Abstract summary: This paper proposes a novel method to estimate the number of HTTP/3 responses in a given QUIC connection by an observer. The proposed scheme transforms QUIC connection traces into image sequences and uses machine learning (ML) models, guided by a tailored loss function, to predict response counts.
• Score: 7.795761092358769
• License:
• Abstract: QUIC, a new and increasingly used transport protocol, enhances TCP by offering improved security, performance, and stream multiplexing. These features, however, also impose challenges for network middle-boxes that need to monitor and analyze web traffic. This paper proposes a novel method to estimate the number of HTTP/3 responses in a given QUIC connection by an observer. This estimation reveals server behavior, client-server interactions, and data transmission efficiency, which is crucial for various applications such as designing a load balancing solution and detecting HTTP/3 flood attacks. The proposed scheme transforms QUIC connection traces into image sequences and uses machine learning (ML) models, guided by a tailored loss function, to predict response counts. Evaluations on more than seven million images-derived from 100,000 traces collected across 44,000 websites over four months-achieve up to 97% accuracy in both known and unknown server settings and 92% accuracy on previously unseen complete QUIC traces.

Related papers

• NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
  We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records. We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
  arXiv  Detail & Related papers  (2024-12-30T00:47:49Z)
• Unlearn and Burn: Adversarial Machine Unlearning Requests Destroy Model Accuracy [65.80757820884476]
  We expose a critical yet underexplored vulnerability in the deployment of unlearning systems. We present a threat model where an attacker can degrade model accuracy by submitting adversarial unlearning requests for data not present in the training set. We evaluate various verification mechanisms to detect the legitimacy of unlearning requests and reveal the challenges in verification.
  arXiv  Detail & Related papers  (2024-10-12T16:47:04Z)
• Exploring QUIC Dynamics: A Large-Scale Dataset for Encrypted Traffic Analysis [7.795761092358769]
  We introduce VisQUIC, a publicly available dataset of over 100,000 labeled QUIC traces with corresponding SSL keys. By generating visual representations of the traces, we facilitate advanced machine learning (ML) applications and in-depth analysis of encrypted QUIC traffic. Our dataset enables comprehensive studies on QUIC and HTTP/3 protocols and supports the development of tools for encrypted traffic analysis.
  arXiv  Detail & Related papers  (2024-09-30T10:50:12Z)
• ConvLSTMTransNet: A Hybrid Deep Learning Approach for Internet Traffic Telemetry [0.0]
  We present a novel hybrid deep learning model, named ConvLSTMTransNet, designed for time series prediction. Our findings demonstrate that ConvLSTMTransNet significantly outperforms the baseline models by approximately 10% in terms of prediction accuracy.
  arXiv  Detail & Related papers  (2024-09-20T03:12:57Z)
• Lens: A Foundation Model for Network Traffic [19.3652490585798]
  Lens is a foundation model for network traffic that leverages the T5 architecture to learn the pre-trained representations from large-scale unlabeled data. We design a novel loss that combines three distinct tasks: Masked Span Prediction (MSP), Packet Order Prediction (POP), and Homologous Traffic Prediction (HTP)
  arXiv  Detail & Related papers  (2024-02-06T02:45:13Z)
• Application-layer Characterization and Traffic Analysis for Encrypted QUIC Transport Protocol [14.40132345175898]
  We propose a novel rule-based approach to estimate the application-level traffic attributes without decrypting QUIC packets. Based on the size, timing, and direction information, our proposed algorithm analyzes the associated network traffic. The inferred HTTP attributes can be used to evaluate the QoE of application-layer services and identify the service categories for traffic classification in the encrypted QUIC connections.
  arXiv  Detail & Related papers  (2023-10-10T20:09:46Z)
• Pushing the Limits of Asynchronous Graph-based Object Detection with Event Cameras [62.70541164894224]
  We introduce several architecture choices which allow us to scale the depth and complexity of such models while maintaining low computation. Our method runs 3.7 times faster than a dense graph neural network, taking only 8.4 ms per forward pass.
  arXiv  Detail & Related papers  (2022-11-22T15:14:20Z)
• ET-BERT: A Contextualized Datagram Representation with Pre-training Transformers for Encrypted Traffic Classification [9.180725486824118]
  We propose a new traffic representation model called Encrypted Traffic Bidirectional Representations from Transformer (ET-BERT) The pre-trained model can be fine-tuned on a small number of task-specific labeled data and achieves state-of-the-art performance across five encrypted traffic classification tasks.
  arXiv  Detail & Related papers  (2022-02-13T14:54:48Z)
• Fast Uncertainty Quantification for Deep Object Pose Estimation [91.09217713805337]
  Deep learning-based object pose estimators are often unreliable and overconfident. In this work, we propose a simple, efficient, and plug-and-play UQ method for 6-DoF object pose estimation.
  arXiv  Detail & Related papers  (2020-11-16T06:51:55Z)
• Object Tracking through Residual and Dense LSTMs [67.98948222599849]
  Deep learning-based trackers based on LSTMs (Long Short-Term Memory) recurrent neural networks have emerged as a powerful alternative. DenseLSTMs outperform Residual and regular LSTM, and offer a higher resilience to nuisances. Our case study supports the adoption of residual-based RNNs for enhancing the robustness of other trackers.
  arXiv  Detail & Related papers  (2020-06-22T08:20:17Z)
• Taurus: A Data Plane Architecture for Per-Packet ML [59.1343317736213]
  We present the design and implementation of Taurus, a data plane for line-rate inference. Our evaluation of a Taurus switch ASIC shows that Taurus operates orders of magnitude faster than a server-based control plane.
  arXiv  Detail & Related papers  (2020-02-12T09:18:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.