为了改善网络管理水平、加强网络安全监督,针对虚拟专用网络(virtual privatenetwork,VPN)通道下流量加密性强、不透明度高的特点,设计了加密流量数据的新构图方式,提出了基于变体ResNet18网络的加密流量分类算法。为了验证算法有效性,采集真实VPN通道下的热门app流量,成功实现了多VPN通道下的多应用流量分类。所提算法最终在公有数据集与真实采集数据集上的分类准确率分别达到98.1%和96.0%。实验结果表明,该算法具有通用性且具有一定的实际价值。
This paper proposes a new encrypted traffic classification algorithm based on a variant ResNet18 network to improve network management and strengthen network security supervision. A three-channel image construction is designed to address the strong encryption and high opacity characteristics of traffic in virtual private network (VPN) channels. The proposed method successfully identifies different apps’ traffic in different VPN channels, as validated using popular apps’ traffic collected from real VPN channels. The algorithm achieves 98.1% and 96.0% classification accuracy on public and self-collected datasets, respectively. Experimental results demonstrate the algorithm’s universality and practical value.
[1] Dharmapurikar S, Krishnamurthy P, Sproull T, et al. Deep packet inspection using parallel Bloom filters[C]//11th Symposium on High Performance Interconnects, 2003:44-51.
[2] Wang W, Zhu M, Wang J L, et al. End-to-end encrypted traffic classification with onedimensional convolution neural networks[C]//2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017:43-48.
[3] Cui S S, Jiang B, Cai Z Z, et al. A session-packets-based encrypted traffic classification using capsule neural networks[C]//2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS), 2019:429-436.
[4] Rajasegaran J, Jayasundara V, Jayasekara S, et al. DeepCaps:going deeper with capsule networks[C]//2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2019:10717-10725.
[5] Chen Z T, He K, Li J, et al. Seq2Img:a sequence-to-image based approach towards IP traffic classification using convolutional neural networks[C]//2017 IEEE International Conference on Big Data (Big Data), 2017:1271-1276.
[6] Rosipal R, Trejo L J. Kernel partial least squares regression in reproducing kernel Hilbert space[J]. Journal of Machine Learning Research, 2001, 2:97-123.
[7] Wang X, Chen S H, Su J S. App-net:a hybrid neural network for encrypted mobile traffic classification[C]//IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2020:424-429.
[8] He K M, Zhang X Y, Ren S Q, et al. Deep residual learning for image recognition[C]//2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2016:770-778.
[9] Krizhevsky A, Sutskever I, Hinton G E. ImageNet classification with deep convolutional neural networks[J]. Communications of the ACM, 2017, 60(6):84-90.
[10] Simonyan K, Zisserman A. Very deep convolutional networks for large-scale image recognition[DB/OL]. 2014[2021-09-22]. https://arxiv.org/abs/1409.1556.
[11] Szegedy C, Liu W, Jia Y Q, et al. Going deeper with convolutions[C]//2015 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2015:1-9.
[12] Draper-Gil G, Lashkari A H, Mamun M S I, et al. Characterization of encrypted and VPN traffic using time-related features[C]//International Conference on Information Systems Security and Privacy (ICISSP), 2016:407-414.
