Abstract
Traffic identification is becoming increasingly important in network security. In practice, however, we often encounter unknown traffic whose specific type we do not know, which makes it very difficult to manage and maintain network security. The ability to divide mixed unknown traffic into multiple clusters, each containing only one type as far as possible, is key to tackling this problem. In this paper, we propose a framework for unknown traffic identification based on neural networks and constraint information to improve clustering purity. The framework has two main innovations: (1) it uses neural network methods to reduce the dimensionality and select features of network traffic; (2) it analyzes the constraint information of traffic and uses this information to guide the identification process. To verify the effectiveness of the framework, we run comparison experiments on two real-world packet traces. The maximum clustering purity of our framework reaches 96.10% on the Internet Service Provider (ISP) traces and 91.89% on the public traces. The experimental results show that the proposed framework is more effective than the Gaussian Mixture Model (GMM).
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Kang, L., Ji, Q., Ni, L., Li, J. (2022). A Framework for Unknown Traffic Identification Based on Neural Networks and Constraint Information. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13340. Springer, Cham. https://doi.org/10.1007/978-3-031-06791-4_7
DOI: https://doi.org/10.1007/978-3-031-06791-4_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-06790-7
Online ISBN: 978-3-031-06791-4
eBook Packages: Computer Science, Computer Science (R0)