Related papers: Early-MFC: Enhanced Flow Correlation Attacks on Tor via Multi-view Triplet Networks with Early Network Traffic

Early-MFC: Enhanced Flow Correlation Attacks on Tor via Multi-view Triplet Networks with Early Network Traffic

URL: http://arxiv.org/abs/2503.16847v1
Date: Fri, 21 Mar 2025 04:36:51 GMT
Title: Early-MFC: Enhanced Flow Correlation Attacks on Tor via Multi-view Triplet Networks with Early Network Traffic
Authors: Yali Yuan, Qianqi Niu, Yachao Yuan,
Abstract summary: We propose flow correlation attack with early network traffic, named Early-MFC, based on multi-view triplet networks.<n>The proposed approach extracts multi-view traffic features from the payload at the transport layer and the Inter-Packet Delay.<n>It then integrates multi-view flow information, converting the extracted features into shared embeddings.
Score: 1.7244120238071496
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Flow correlation attacks is an efficient network attacks, aiming to expose those who use anonymous network services, such as Tor. Conducting such attacks during the early stages of network communication is particularly critical for scenarios demanding rapid decision-making, such as cybercrime detection or financial fraud prevention. Although recent studies have made progress in flow correlation attacks techniques, research specifically addressing flow correlation with early network traffic flow remains limited. Moreover, due to factors such as model complexity, training costs, and real-time requirements, existing technologies cannot be directly applied to flow correlation with early network traffic flow. In this paper, we propose flow correlation attack with early network traffic, named Early-MFC, based on multi-view triplet networks. The proposed approach extracts multi-view traffic features from the payload at the transport layer and the Inter-Packet Delay. It then integrates multi-view flow information, converting the extracted features into shared embeddings. By leveraging techniques such as metric learning and contrastive learning, the method optimizes the embeddings space by ensuring that similar flows are mapped closer together while dissimilar flows are positioned farther apart. Finally, Bayesian decision theory is applied to determine flow correlation, enabling high-accuracy flow correlation with early network traffic flow. Furthermore, we investigate flow correlation attacks under extra-early network traffic flow conditions. To address this challenge, we propose Early-MFC+, which utilizes payload data to construct embedded feature representations, ensuring robust performance even with minimal packet availability.

Related papers

RevealNet: Distributed Traffic Correlation for Attack Attribution on Programmable Networks [3.351939661661333]
RevealNet is a decentralized framework for attack attribution. It orchestrates a fleet of P4-programmable switches to perform traffic correlation. Our evaluation suggests that RevealNet achieves comparable accuracy to centralized attack attribution systems.
arXiv Detail & Related papers (2025-05-01T15:48:35Z)
Multi-view Correlation-aware Network Traffic Detection on Flow Hypergraph [5.64836465356865]
We propose a multi-view correlation-aware framework named FlowID for network traffic detection.<n>FlowID captures multi-view traffic features via temporal and interaction awareness, while a hypergraph encoder further explores higher-order relationships between flows.<n>We show that FlowID significantly outperforms existing methods in accuracy, robustness, and generalization across diverse network scenarios.
arXiv Detail & Related papers (2025-01-15T06:17:06Z)
NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records.<n>We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
arXiv Detail & Related papers (2024-12-30T00:47:49Z)
MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management.<n>We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships.<n>MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z)
Diffusion Models Meet Network Management: Improving Traffic Matrix Analysis with Diffusion-based Approach [12.549916064729313]
This paper proposes a diffusion-based traffic matrix analysis framework named Diffusion-TM.<n>We show that our framework can obtain promising results even with $5%$ known values left in datasets.
arXiv Detail & Related papers (2024-11-29T06:20:34Z)
AI Flow at the Network Edge [58.31090055138711]
AI Flow is a framework that streamlines the inference process by jointly leveraging the heterogeneous resources available across devices, edge nodes, and cloud servers. This article serves as a position paper for identifying the motivation, challenges, and principles of AI Flow.
arXiv Detail & Related papers (2024-11-19T12:51:17Z)
Correlating sparse sensing for large-scale traffic speed estimation: A Laplacian-enhanced low-rank tensor kriging approach [76.45949280328838]
We propose a Laplacian enhanced low-rank tensor (LETC) framework featuring both lowrankness and multi-temporal correlations for large-scale traffic speed kriging. We then design an efficient solution algorithm via several effective numeric techniques to scale up the proposed model to network-wide kriging.
arXiv Detail & Related papers (2022-10-21T07:25:57Z)
Data-Driven Traffic Assignment: A Novel Approach for Learning Traffic Flow Patterns Using a Graph Convolutional Neural Network [1.3706331473063877]
We present a novel data-driven approach of learning traffic flow patterns of a transportation network. We develop a neural network-based framework known as Graph Convolutional Neural Network (GCNN) to solve it. When the training of the model is complete, it can instantly determine the traffic flows of a large-scale network.
arXiv Detail & Related papers (2022-02-21T19:45:15Z)
Road Network Guided Fine-Grained Urban Traffic Flow Inference [108.64631590347352]
Accurate inference of fine-grained traffic flow from coarse-grained one is an emerging yet crucial problem. We propose a novel Road-Aware Traffic Flow Magnifier (RATFM) that exploits the prior knowledge of road networks. Our method can generate high-quality fine-grained traffic flow maps.
arXiv Detail & Related papers (2021-09-29T07:51:49Z)
TrafficStream: A Streaming Traffic Flow Forecasting Framework Based on Graph Neural Networks and Continual Learning [10.205873494981633]
We propose a Streaming Traffic Flow Forecasting Framework, TrafficStream, based on Graph Neural Networks (GNNs) and Continual Learning (CL) A JS-divergence-based algorithm is proposed to mine new traffic patterns. We construct a streaming traffic dataset to verify the efficiency and effectiveness of our model.
arXiv Detail & Related papers (2021-06-11T09:42:37Z)
Prediction of Traffic Flow via Connected Vehicles [77.11902188162458]
We propose a Short-term Traffic flow Prediction framework so that transportation authorities take early actions to control flow and prevent congestion. We anticipate flow at future time frames on a target road segment based on historical flow data and innovative features such as real time feeds and trajectory data provided by Connected Vehicles (CV) technology. We show how this novel approach allows advanced modelling by integrating into the forecasting of flow, the impact of various events that CV realistically encountered on segments along their trajectory.
arXiv Detail & Related papers (2020-07-10T16:00:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.