Journal
2022 27TH IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (IEEE ISCC 2022)
Volume -, Issue -, Pages -Publisher
IEEE
DOI: 10.1109/ISCC55528.2022.9913053
Keywords
encrypted unknown protocol; traffic classification; feature extraction; machine learning
Categories
Funding
- National Key R&D Program of China [2021YFB3101403]
- Fundamental Research Funds for the Central Universities
- Jiangsu Provincial Key Laboratory of Network and Information Security
Ask authors/readers for more resources
This paper proposes a practical method (PSCM) to automatically extract encrypted unknown protocol features and achieves high accuracy in real-world network traffic.
Network traffic classification is the basis for network management, Quality of Service and intrusion detection. As the number of Internet applications increases, the variety of unknown protocols grows, posing a significant challenge to network traffic classification. Traditional rule-based traffic classification methods are currently limited by the rise of dynamic ports and encryption protocols. Statistical methods using statistical features have good recognition of protocols with public formats. However, there is no public protocol format for unknown protocols, making it challenging to extract useful features. This paper proposes a practical Probability Statistics and Cluster Merging (PSCM) method to automatically extract encrypted unknown protocol features and map the clustering results to the actual protocols. Experimental results on real-world network traffic show that the method achieves an accuracy of 99.28% and performs well in the sampling scenarios.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available