Skip to main content
SpringerLink
Log in

A Framework for Unknown Traffic Identification Based on Neural Networks and Constraint Information

  • Conference paper
  • First Online:
Artificial Intelligence and Security (ICAIS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13340))

Included in the following conference series:

  • 1082 Accesses

Abstract

Nowadays, traffic identification is becoming increasingly important in network security. But in practice, we often encounter unknown traffic, in which we do not know its specific type, and makes it very difficult to manage and maintain network security. The ability to divide the mixed unknown traffic into multiple clusters, each of which contains only one type as far as possible, is a key point to tackle this problem. In this paper, we propose a framework for unknown traffic identification based on neural networks and constraint information to improve the clustering purity. The framework consists of two main innovations: (1) It uses neural network methods to reduce the dimensionality and select features of network traffic. (2) It analyzes the constraint information of traffic and uses this information to guide the process of identification. To verify the effectiveness of the framework in this paper, we make contrast experiments on two real-world packet traces respectively. Through our experimental results, we find that the maximum clustering purity of our framework in this paper can reach 96.10% on the traces of Internet Service Provider (ISP) and 91.89% on the public traces. Experimental results show that the proposed framework is more effective than Gaussian Mixture Model (GMM).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Chen, M., Wang, X., He, M., Jin, L., Javeed, K., Wang, X.: A network traffic classification model based on metric learning. Comp. Mater. Contin. 64(2), 941–959 (2020)

    Google Scholar 

  2. Zhang, J., Chen, X., Xiang, Y., Zhou, W.: Zero-day traffic identification. In: International Symposium on Cyberspace Safety and Security, pp. 213–227. Springer, Cham (2013)

    Google Scholar 

  3. Cotton, M., Eggert, L., Touch, J.D., Westerlund, M., Cheshire, S.: Internet assigned numbers authority (iana) procedures for the management of the service name and transport protocol port number registry. RFC 6335, 1–33 (2011)

    Google Scholar 

  4. Moore, A.W., Papagiannaki, K.: Toward the accurate identification of network applications. In: International Workshop on Passive and Active Network Measurement, pp. 41–54. Springer, Berlin, Heidelberg (2005)

    Google Scholar 

  5. Mao, J., Zhang, M., Chen, M., Chen, L., Xia, F.: Semisupervised encrypted traffic identification based on auxiliary classification generative adversarial network. Comput. Syst. Sci. Eng. 39(3), 373–390 (2021)

    Article  Google Scholar 

  6. Umair, M.B., Iqbal, Z., Bilal, M., Nebhen, J., Almohamad, T.A.: An efficient internet traffic classification system using deep learning for iot. Comp. Mater. Contin. 71(1), 407–422 (2022)

    Google Scholar 

  7. Erman, J., Arlitt, M., Mahanti, A.: Traffic classification using clustering algorithms. In: Proceedings of the 2006 SIGCOMM workshop on Mining network data, pp. 281–286 (2006)

    Google Scholar 

  8. Liu, Y., Li, W., Li, Y.: Network traffic classification using k-means clustering. In: Second international multi-symposiums on computer and computational sciences (IMSCCS 2007), pp. 360–365. IEEE (2007)

    Google Scholar 

  9. Zhang, J., Chen, C., Xiang, Y., Zhou, W.: An effective network traffic classification method with unknown flow detection. IEEE Trans. Netw. Serv. Manage. 10(2), 133–147 (2013)

    Article  Google Scholar 

  10. Moore, A.W., Zuev, D.: Internet traffic classification using bayesian analysis techniques. In: Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems, pp. 50–60 (2005)

    Google Scholar 

  11. Ming-Hao, C., Yue-Fei, Z., Bin, L., Yi, Z., Ding, L.: Classification of application type of encrypted traffic based on attention-cnn. Computer Science 48(4), 325–332 (2021)

    Google Scholar 

  12. Wang, W., Zhu, M., Zeng, X., Ye, X., Sheng, Y.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN), pp. 712–717 (2017)

    Google Scholar 

  13. Yang, Y., Kang, C., Gou, G., Li, Z., Xiong, G.: TLS/SSL encrypted traffic classification with autoencoder and convolutional neural network. In: 2018 IEEE 20th International Conference on High Performance Computing and Communications; IEEE 16th International Conference on Smart City; IEEE 4th International Conference on Data Science and Systems (HPCC/SmartCity/DSS), pp. 362–369. IEEE (2018)

    Google Scholar 

  14. Ding, C., He, X.: Cluster structure of K-means clustering via principal component analysis. In: Pacific-Asia Conference on Knowledge Discovery and Data Mining. pp. 414–418. Springer, Berlin, Heidelberg (2004)

    Google Scholar 

  15. Chen, X., et al.: Variational lossy autoencoder. arXiv preprint arXiv:1611.02731 (2016)

  16. Ng, J.D., Zhang, Z., Eyben, F., Schuller, B.: Autoencoder-based unsupervised domain adaptation for speech emotion recognition. IEEE Signal Process. Lett. 21(9), 1068–1072 (2014)

    Article  Google Scholar 

  17. Cui, H., Xu, S., Zhang, L., Roy, E.W., Horn, K.P.: Berthold: the key techniques and future vision of feature selection in machine learning. J. Beijing Univ. Posts Telecommu. Rev. 41(1), 1–12 (2018)

    Google Scholar 

  18. Liou, C.Y., Cheng, W.C., Liou, J.W., Liou, D.R.: Autoencoder for words. Neurocomputing 139(2), 84–96 (2014)

    Article  Google Scholar 

  19. Yaman, S., Pelecanos, J.W., Sarikaya, R.: Bottleneck features for speaker recognition. In: Odyssey, vol. 12, pp. 105–1108 (2012)

    Google Scholar 

  20. Dempster, A.P., Laird, N.M., Rubin, D.B.: Maximum likelihood from incomplete data via the EM algorithm. J. Roy. Stat. Soc.: Ser. B (Methodol.) 39(1), 1–122 (1997)

    MathSciNet  MATH  Google Scholar 

  21. MAWI working group traffic archive. http://mawi.wide.ad.jp/mawi

  22. Open source deep packet inspection software toolkit. https://github.com/ntop/nDPI

  23. CICFlowMeter. https://www.unb.ca/cic/research/applications.html#CICFlowMeter

Download references

Author information

Authors and Affiliations

  1. Science and Technology On Communication Security Laboratory, Chengdu, China

    Lu Kang, Qingbing Ji & Lvlin Ni

  2. School of Cybersecurity, Northwestern Polytechnical University, Xi’an, China

    Qingbing Ji

  3. School of Information Technology, Deakin University, Melbourne, Australia

    Jiaxin Li

Authors
  1. Lu Kang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qingbing Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lvlin Ni
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jiaxin Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qingbing Ji .

Editor information

Editors and Affiliations

  1. Nanjing University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Nanjing University of Information Science and Technology, Nanjing, China

    Xiaorui Zhang

  3. Jinan University, Guangzhou, China

    Zhihua Xia

  4. Purdue University, West Lafayette, IN, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kang, L., Ji, Q., Ni, L., Li, J. (2022). A Framework for Unknown Traffic Identification Based on Neural Networks and Constraint Information. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13340. Springer, Cham. https://doi.org/10.1007/978-3-031-06791-4_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-06791-4_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-06790-7

  • Online ISBN: 978-3-031-06791-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation