Submit

Login Login

Register Register

Home/ Journals/ CMC/ Vol.79, No.1, 2024/ 10.32604/cmc.2024.049904

Table of Content

Open Access iconOpen Access

ARTICLE

crossmark

Combo Packet: An Encryption Traffic Classification Method Based on Contextual Information

Yuancong Chai, Yuefei Zhu*, Wei Lin, Ding Li

State Key Laboratory of Mathematical Engineering and Advanced Computing, Information Engineering University, Zhengzhou, 450001, China

* Corresponding Author: Yuefei Zhu. Email: email

Computers, Materials & Continua 2024, 79(1), 1223-1243. https://doi.org/10.32604/cmc.2024.049904

Received 22 January 2024; Accepted 08 March 2024; Issue published 25 April 2024

Abstract

With the increasing proportion of encrypted traffic in cyberspace, the classification of encrypted traffic has become a core key technology in network supervision. In recent years, many different solutions have emerged in this field. Most methods identify and classify traffic by extracting spatiotemporal characteristics of data flows or byte-level features of packets. However, due to changes in data transmission mediums, such as fiber optics and satellites, temporal features can exhibit significant variations due to changes in communication links and transmission quality. Additionally, partial spatial features can change due to reasons like data reordering and retransmission. Faced with these challenges, identifying encrypted traffic solely based on packet byte-level features is significantly difficult. To address this, we propose a universal packet-level encrypted traffic identification method, Combo Packet. This method utilizes convolutional neural networks to extract deep features of the current packet and its contextual information and employs spatial and channel attention mechanisms to select and locate effective features. Experimental data shows that Combo Packet can effectively distinguish between encrypted traffic service categories (e.g., File Transfer Protocol, FTP, and Peer-to-Peer, P2P) and encrypted traffic application categories (e.g., BitTorrent and Skype). Validated on the ISCX VPN-non VPN dataset, it achieves classification accuracies of 97.0% and 97.1% for service and application categories, respectively. It also provides shorter training times and higher recognition speeds. The performance and recognition capabilities of Combo Packet are significantly superior to the existing classification methods mentioned.

Keywords

Cite This Article

APA Style
Chai, Y., Zhu, Y., Lin, W., Li, D. (2024). Combo packet: an encryption traffic classification method based on contextual information. Computers, Materials & Continua, 79(1), 1223-1243. https://doi.org/10.32604/cmc.2024.049904
Vancouver Style
Chai Y, Zhu Y, Lin W, Li D. Combo packet: an encryption traffic classification method based on contextual information. Comput Mater Contin. 2024;79(1):1223-1243 https://doi.org/10.32604/cmc.2024.049904
IEEE Style
Y. Chai, Y. Zhu, W. Lin, and D. Li, “Combo Packet: An Encryption Traffic Classification Method Based on Contextual Information,” Comput. Mater. Contin., vol. 79, no. 1, pp. 1223-1243, 2024. https://doi.org/10.32604/cmc.2024.049904
BibTex EndNote RIS



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

  • 524

    View

  • 281

    Download

  • 0

    Like

Related articles

Copyright© 2024 Tech Science Press
© 1997-2024 TSP (Henderson, USA) unless otherwise stated

Share Link