Journal
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS
Volume 166, Issue -, Pages -Publisher
ACADEMIC PRESS LTD- ELSEVIER SCIENCE LTD
DOI: 10.1016/j.jnca.2020.102711
Keywords
Traffic classification; Encrypted traffic; Gaussian mixture model; Hidden Markov model
Categories
Funding
- National Science and Technology Major Project of the Ministry of Science and Technology of China [2017ZX03001019-003]
- National Key R&D Plan Cyberspace Security Major Projects of China [2017YFB0801801]
- Science and Technology Service Network Initiative (STS) Project of Chinese Academy of Science [Y7X0071105]
- Young Elite Scientist Sponsorship Program by Henan Association for Science and Technology [2020HYTP008]
- Key Scientific and Technological Project of Henan Province [202102210352]
Ask authors/readers for more resources
To protect user privacy (e.g., IP address and sensitive data in a packet), many traffic protection methods, like traffic obfuscation and encryption technologies, are introduced. However, these methods have been used by attackers to transmit malicious traffic, posing a serious threat to network security. To enhance network traffic supervision, this paper proposes a new traffic classification model based on Gaussian mixture models and hidden Markov models, named MGHMM. To evaluate the effectiveness of the proposed model, we first classify protocols and identify the obfuscated traffic by experiments. Then, we compare the classification performance of MGHMM with that of the latest Vector Quantiser-based traffic classification algorithm. On the basis of the experiment, the relation between the classification and the number of hidden Markov states, and the number of mixture of Gaussian distributions required to describe the hidden states, are analyzed.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available