A Novel QUIC Traffic Classifier Based on Convolutional Neural Networks

Tong, Van; Tran, Hai Anh; Souihi, Sami; Mellouk, Abdelhamid

doi:10.1109/glocom.2018.8647128

Cited by 78 publications

(39 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some of the drawbacks in their implementation is that they did not consider the network's bandwidth that the customers might want to subscribe to, authors in (Salman et. al., 2018) used an imbalanced network traffic dataset to train their classification system while in (Tong et. al., 2018), the flow-based network traffic needs to be observed, thereby making their system online suitable for offline applications identification.…”

Section: Gap Analysismentioning

confidence: 99%

Encrypted Network Traffic Classification using Ensemble Learning Techniques

Obasi¹

View full text Add to dashboard Cite

Section: Gap Analysismentioning

confidence: 99%

Encrypted Network Traffic Classification using Ensemble Learning Techniques

Obasi¹

View full text Add to dashboard Cite

“…However, it cannot be used for early prediction as the input is built based on the entire flow. In [23], the authors used a combination of classical machine learning and deep learning for classification of five Google services that use QUIC protocol. They proposed a two step classification procedure: first, they used statistical features with random forest to classify three classes (that is, voice, chat, others), and then they used payload data with a CNN model for classifying other classes.…”

Section: A General Traffic Classificationmentioning

confidence: 99%

Large-Scale Mobile App Identification Using Deep Learning

2020

View full text Add to dashboard Cite

Many network services and tools (e.g. network monitors, malware-detection systems, routing and billing policy enforcement modules in ISPs) depend on identifying the type of traffic that passes through the network. With the widespread use of mobile devices, the vast diversity of mobile apps, and the massive adoption of encryption protocols (such as TLS), large-scale encrypted traffic classification becomes increasingly difficult. In this paper, we propose a deep learning model for mobile app identification that works even with encrypted traffic. The proposed model only needs the payload of the first few packets for classification, and, hence, it is suitable even for applications that rely on early prediction, such as routing and QoS provisioning. The deep model achieves between 84% to 98% accuracy for the identification of 80 popular apps. We also perform occlusion analysis to bring insight into what data is leaked from SSL/TLS protocol that allows accurate app identification. Moreover, our traffic analysis shows that many apps generate not only app-specific traffic, but also numerous ambiguous flows. Ambiguous flows are flows generated by common functionality modules, such as advertisement and traffic analytics. Because such flows are common among many different apps, identifying the source app that generates ambiguous flows is challenging. To address this challenge, we propose a CNN+LSTM model that uses adjacent flows to learn the order and pattern of multiple flows, to better identify the app that generates them. We show that such flow association considerably improves the accuracy, particularly for ambiguous flows. Furthermore, we show that our approach is robust to mixed traffic scenarios where some unrelated flows may appear in adjacent flows. To the best of our knowledge, this is the first work that identifies the source app for ambiguous flows.

show abstract

“…The dataset composes of four different QUIC services, which are: Google Documents, Google, Drive, Google Music and YouTube. We followed the same procedure as in [3], [19] to generate traffic flows. We used selenium web driver [20] and autoIt [21] to generate scripts, and then captured the network traffic.…”

Section: A Quic Datasetmentioning

confidence: 99%

Semi-Supervised Encrypted Traffic Classification With Deep Convolutional Generative Adversarial Networks

Iliyasu

Deng

2020

IEEE Access

View full text Add to dashboard Cite

Network traffic classification serves as a building block for important tasks such as security and quality of service management. The field has been studied for a long time, with many techniques such as classical machine learning and deep learning methods currently available. However, the emergence of stronger encryption protocols has led to the rise of new challenges. One of the challenges is capturing and labeling a large amount of encrypted traffic data especially for training deep learning classifiers, as current techniques rely on deep packet inspection tools (DPI) which perform poorly on encrypted traffic. In this paper, we propose a semi-supervised learning approach using Deep Convolutional Generative Adversarial Network (DCGAN). The basic idea is to utilize the samples generated by DCGAN generators as well as unlabeled data to improve the performance of a classifier trained on a few labeled samples. Thus, alleviating the difficulties associated with large dataset collecting and labeling. To demonstrate the efficacy of our approach, we evaluated our model using a self-collected dataset of the recently established QUIC protocol as well as publicly available ISCX VPN-NonVPN dataset. Our approach is able to achieve 89% and 78% accuracy with a very small number of labeled samples (just 10% of the dataset) on both QUIC and ISCX VPN-NonVPN datasets respectively. INDEX TERMS Deep convolutional generative adversarial network, encrypted traffic classification, semi-supervised learning.

show abstract

A Novel QUIC Traffic Classifier Based on Convolutional Neural Networks

Cited by 78 publications

References 8 publications

Encrypted Network Traffic Classification using Ensemble Learning Techniques

Encrypted Network Traffic Classification using Ensemble Learning Techniques

Large-Scale Mobile App Identification Using Deep Learning

Semi-Supervised Encrypted Traffic Classification With Deep Convolutional Generative Adversarial Networks

Contact Info

Product

Resources

About