Encrypted traffic classification based on Gaussian mixture models and Hidden Markov Models

被引:42
作者
Yao, Zhongjiang [1 ,2 ]
Ge, Jingguo [1 ,2 ]
Wu, Yulei [3 ]
Lin, Xiaosheng [4 ]
He, Runkang [1 ,2 ]
Ma, Yuxiang [5 ]
机构
[1] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
[2] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
[3] Univ Exeter, Coll Engn Math & Phys Sci, Exeter EX4 4QF, Devon, England
[4] Jilin Prov Acad Environm Sci, Jilin, Jilin, Peoples R China
[5] Henan Univ, Sch Comp & Informat Engn, Kaifeng 475004, Peoples R China
来源
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS | 2020年 / 166卷
关键词
Traffic classification; Encrypted traffic; Gaussian mixture model; Hidden Markov model; NETWORK;
D O I
10.1016/j.jnca.2020.102711
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
To protect user privacy (e.g., IP address and sensitive data in a packet), many traffic protection methods, like traffic obfuscation and encryption technologies, are introduced. However, these methods have been used by attackers to transmit malicious traffic, posing a serious threat to network security. To enhance network traffic supervision, this paper proposes a new traffic classification model based on Gaussian mixture models and hidden Markov models, named MGHMM. To evaluate the effectiveness of the proposed model, we first classify protocols and identify the obfuscated traffic by experiments. Then, we compare the classification performance of MGHMM with that of the latest Vector Quantiser-based traffic classification algorithm. On the basis of the experiment, the relation between the classification and the number of hidden Markov states, and the number of mixture of Gaussian distributions required to describe the hidden states, are analyzed.
引用
收藏
页数:13
相关论文
共 33 条
[1]   MIMETIC: Mobile encrypted traffic classification using multimodal deep learning [J].
Aceto, Giuseppe ;
Ciuonzo, Domenico ;
Montieri, Antonio ;
Pescape, Antonio .
COMPUTER NETWORKS, 2019, 165
[2]   Multi-classification approaches for classifying mobile app traffic [J].
Aceto, Giuseppe ;
Ciuonzo, Domenico ;
Montieri, Antonio ;
Pescape, Antonio .
JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2018, 103 :131-145
[3]   Bayesian neural networks for Internet traffic classification [J].
Auld, Tom ;
Moore, Andrew W. ;
Gull, Stephen F. .
IEEE TRANSACTIONS ON NEURAL NETWORKS, 2007, 18 (01) :223-239
[4]   HEDGE: Efficient Traffic Classification of Encrypted and Compressed Packets [J].
Casino, Fran ;
Choo, Kim-Kwang Raymond ;
Patsakis, Constantinos .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2019, 14 (11) :2916-2926
[5]  
Chang Liu, 2019, IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, P1171, DOI 10.1109/INFOCOM.2019.8737507
[6]   Study of Ocean Waves Measured by Collocated HH and VV Polarized X-Band Marine Radars [J].
Chen, Zhongbiao ;
He, Yijun ;
Yang, Wankang .
INTERNATIONAL JOURNAL OF ANTENNAS AND PROPAGATION, 2016, 2016
[7]   Classification of Network Traffic via Packet-Level Hidden Markov Models [J].
Dainotti, Alberto ;
de Donato, Walter ;
Pescape, Antonio ;
Rossi, Pierluigi Salvo .
GLOBECOM 2008 - 2008 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, 2008,
[8]   MAXIMUM LIKELIHOOD FROM INCOMPLETE DATA VIA EM ALGORITHM [J].
DEMPSTER, AP ;
LAIRD, NM ;
RUBIN, DB .
JOURNAL OF THE ROYAL STATISTICAL SOCIETY SERIES B-METHODOLOGICAL, 1977, 39 (01) :1-38
[9]  
Desai D., 2018, FEBRUARY 2018 ZSCALE
[10]  
Dingledine R., 2004, P 13 C USENIX SEC S, V13, P2121
1234