CETAnalytics: Comprehensive effective traffic information analytics for encrypted traffic classification

Cited by: 45
Authors
Dong, Cong [1, 2]
Zhang, Chen [1]
Lu, Zhigang [1, 2]
Liu, Baoxu [1, 2]
Jiang, Bo [1]
Affiliations
[1] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
[2] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
Funding
National Natural Science Foundation of China;
Keywords
Encrypted traffic; Traffic classification; Deep learning; Payload analytics; Statistical analytics; SYSTEM;
DOI
10.1016/j.comnet.2020.107258
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Encrypted traffic classification is of great significance for advanced network services. Though encryption methods seem unbroken in protecting users' privacy, existing studies have demonstrated that, with sophisticatedly designed approaches utilizing machine learning or deep learning methods, it is possible to identify which application type, or even which specific application, generated the traffic. However, most of the previous approaches either lack the ability to generalize across different tasks or can hardly achieve precise performance. One of the reasons is that they perform the classification from an incomplete perspective. To the best of our knowledge, none of them considers combining the payload content and payload statistics for encrypted traffic classification. Hence, in this paper, we propose the comprehensive effective traffic information analytics (CETAnalytics) framework to tackle the problem. Firstly, the comprehensive effective traffic information is specified and the motivation for combining the two aspects of the traffic is introduced. Based on the specification, the CETAnalytics framework utilizing the consolidated information is elaborated, together with the details of its implementation. Briefly, the implementation is built entirely on neural networks for their high flexibility and powerful functionality in integrating the two dimensions of analytics. Among the challenges tackled in the implementation, a substructure network, Attract, designed with the purpose of matching the traffic structure, is proposed to realize the payload content analytics, which is one of the highlights of our work. For evaluation, several solid experiments are conducted using three designed tasks derived from the ISCXVPN2016 dataset. The experimental results show (i) the effectiveness of the framework design for encrypted traffic classification; (ii) that our implementation can achieve both high precision and robust generalization performance at the same time.
Pages: 15