Find in Library
Search millions of books, articles, and more
Indexed Open Access Databases
Length matters: Scalable fast encrypted internet traffic service classification based on multiple protocol data unit length sequence with composite deep learning
oleh: Zihan Chen, Guang Cheng, Ziheng Xu, Shuyi Guo, Yuyang Zhou, Yuyu Zhao
Format: | Article |
---|---|
Diterbitkan: | KeAi Communications Co., Ltd. 2022-06-01 |
Deskripsi
As an essential function of encrypted Internet traffic analysis, encrypted traffic service classification can support both coarse-grained network service traffic management and security supervision. However, the traditional plaintext-based Deep Packet Inspection (DPI) method cannot be applied to such a classification. Moreover, machine learning-based existing methods encounter two problems during feature selection: complex feature overcost processing and Transport Layer Security (TLS) version discrepancy. In this paper, we consider differences between encryption network protocol stacks and propose a composite deep learning-based method in multiprotocol environments using a sliding multiple Protocol Data Unit (multiPDU) length sequence as features by fully utilizing the Markov property in a multiPDU length sequence and maintaining suitability with a TLS-1.3 environment. Control experiments show that both Length-Sensitive (LS) composite deep learning model using a capsule neural network and LS-long short time memory achieve satisfactory effectiveness in F1-score and performance. Owing to faster feature extraction, our method is suitable for actual network environments and superior to state-of-the-art methods.