Multi-view Correlation-aware Network Traffic Detection on Flow Hypergraph
- URL: http://arxiv.org/abs/2501.08610v1
- Date: Wed, 15 Jan 2025 06:17:06 GMT
- Title: Multi-view Correlation-aware Network Traffic Detection on Flow Hypergraph
- Authors: Jiajun Zhou, Wentao Fu, Hao Song, Shanqing Yu, Qi Xuan, Xiaoniu Yang,
- Abstract summary: We propose a multi-view correlation-aware framework named FlowID for network traffic detection.
FlowID captures multi-view traffic features via temporal and interaction awareness, while a hypergraph encoder further explores higher-order relationships between flows.
We show that FlowID significantly outperforms existing methods in accuracy, robustness, and generalization across diverse network scenarios.
- Score: 5.64836465356865
- License:
- Abstract: As the Internet rapidly expands, the increasing complexity and diversity of network activities pose significant challenges to effective network governance and security regulation. Network traffic, which serves as a crucial data carrier of network activities, has become indispensable in this process. Network traffic detection aims to monitor, analyze, and evaluate the data flows transmitted across the network to ensure network security and optimize performance. However, existing network traffic detection methods generally suffer from several limitations: 1) a narrow focus on characterizing traffic features from a single perspective; 2) insufficient exploration of discriminative features for different traffic; 3) poor generalization to different traffic scenarios. To address these issues, we propose a multi-view correlation-aware framework named FlowID for network traffic detection. FlowID captures multi-view traffic features via temporal and interaction awareness, while a hypergraph encoder further explores higher-order relationships between flows. To overcome the challenges of data imbalance and label scarcity, we design a dual-contrastive proxy task, enhancing the framework's ability to differentiate between various traffic flows through traffic-to-traffic and group-to-group contrast. Extensive experiments on five real-world datasets demonstrate that FlowID significantly outperforms existing methods in accuracy, robustness, and generalization across diverse network scenarios, particularly in detecting malicious traffic.
Related papers
- Multi-Source Urban Traffic Flow Forecasting with Drone and Loop Detector Data [61.9426776237409]
Drone-captured data can create an accurate multi-sensor mobility observatory for large-scale urban networks.
A simple yet effective graph-based model HiMSNet is proposed to integrate multiple data modalities and learn-temporal correlations.
arXiv Detail & Related papers (2025-01-07T03:23:28Z) - Revolutionizing Encrypted Traffic Classification with MH-Net: A Multi-View Heterogeneous Graph Model [16.750119354563733]
MH-Net is a novel approach for classifying network traffic that leverages multi-view heterogeneous traffic graphs.
We employ contrastive learning in a multi-task manner to strengthen the robustness of the learned traffic unit representations.
arXiv Detail & Related papers (2025-01-05T16:50:41Z) - NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records.
We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
arXiv Detail & Related papers (2024-12-30T00:47:49Z) - MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management.
We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships.
MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z) - Diffusion Models Meet Network Management: Improving Traffic Matrix Analysis with Diffusion-based Approach [12.549916064729313]
This paper proposes a diffusion-based traffic matrix analysis framework named Diffusion-TM.
We show that our framework can obtain promising results even with $5%$ known values left in datasets.
arXiv Detail & Related papers (2024-11-29T06:20:34Z) - AI Flow at the Network Edge [58.31090055138711]
AI Flow is a framework that streamlines the inference process by jointly leveraging the heterogeneous resources available across devices, edge nodes, and cloud servers.
This article serves as a position paper for identifying the motivation, challenges, and principles of AI Flow.
arXiv Detail & Related papers (2024-11-19T12:51:17Z) - Network Anomaly Traffic Detection via Multi-view Feature Fusion [3.4590834781477864]
We propose a Multi-view Feature Fusion (MuFF) method for network anomaly traffic detection.
MuFF models the temporal and interactive relationships of packets in network traffic based on the temporal and interactive viewpoints respectively.
Experiments on six real traffic datasets show that MuFF has excellent performance in network anomalous traffic detection.
arXiv Detail & Related papers (2024-09-12T13:04:40Z) - TrafficGPT: Towards Multi-Scale Traffic Analysis and Generation with Spatial-Temporal Agent Framework [3.947797359736224]
We have designed a multi-scale traffic generation system, TrafficGPT, using three AI agents to process multi-scale traffic data.
TrafficGPT consists of three essential AI agents: 1) a text-to-demand agent to interact with users and extract prediction tasks through texts; 2) a traffic prediction agent that leverages multi-scale traffic data to generate temporal features and similarity; and 3) a suggestion and visualization agent that uses the prediction results to generate suggestions and visualizations.
arXiv Detail & Related papers (2024-05-08T07:48:40Z) - Graph Attention Network for Lane-Wise and Topology-Invariant Intersection Traffic Simulation [8.600701437207725]
We propose two efficient and accurate "Digital Twin" models for intersections.
These digital twins capture temporal, spatial, and contextual aspects of traffic within intersections.
Our study's applications extend to lane reconfiguration, driving behavior analysis, and facilitating informed decisions regarding intersection safety and efficiency enhancements.
arXiv Detail & Related papers (2024-04-11T03:02:06Z) - Correlating sparse sensing for large-scale traffic speed estimation: A
Laplacian-enhanced low-rank tensor kriging approach [76.45949280328838]
We propose a Laplacian enhanced low-rank tensor (LETC) framework featuring both lowrankness and multi-temporal correlations for large-scale traffic speed kriging.
We then design an efficient solution algorithm via several effective numeric techniques to scale up the proposed model to network-wide kriging.
arXiv Detail & Related papers (2022-10-21T07:25:57Z) - Road Network Guided Fine-Grained Urban Traffic Flow Inference [108.64631590347352]
Accurate inference of fine-grained traffic flow from coarse-grained one is an emerging yet crucial problem.
We propose a novel Road-Aware Traffic Flow Magnifier (RATFM) that exploits the prior knowledge of road networks.
Our method can generate high-quality fine-grained traffic flow maps.
arXiv Detail & Related papers (2021-09-29T07:51:49Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.