Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
Combo Packet: An Encryption Traffic Classification Method Based on Contextual Information
State Key Laboratory of Mathematical Engineering and Advanced Computing, Information Engineering University, Zhengzhou, 450001, China
* Corresponding Author: Yuefei Zhu. Email:
Computers, Materials & Continua 2024, 79(1), 1223-1243. https://doi.org/10.32604/cmc.2024.049904
Received 22 January 2024; Accepted 08 March 2024; Issue published 25 April 2024
View Full Text
Download PDFAbstract
With the increasing proportion of encrypted traffic in cyberspace, the classification of encrypted traffic has become a core key technology in network supervision. In recent years, many different solutions have emerged in this field. Most methods identify and classify traffic by extracting spatiotemporal characteristics of data flows or byte-level features of packets. However, due to changes in data transmission mediums, such as fiber optics and satellites, temporal features can exhibit significant variations due to changes in communication links and transmission quality. Additionally, partial spatial features can change due to reasons like data reordering and retransmission. Faced with these challenges, identifying encrypted traffic solely based on packet byte-level features is significantly difficult. To address this, we propose a universal packet-level encrypted traffic identification method, Combo Packet. This method utilizes convolutional neural networks to extract deep features of the current packet and its contextual information and employs spatial and channel attention mechanisms to select and locate effective features. Experimental data shows that Combo Packet can effectively distinguish between encrypted traffic service categories (e.g., File Transfer Protocol, FTP, and Peer-to-Peer, P2P) and encrypted traffic application categories (e.g., BitTorrent and Skype). Validated on the ISCX VPN-non VPN dataset, it achieves classification accuracies of 97.0% and 97.1% for service and application categories, respectively. It also provides shorter training times and higher recognition speeds. The performance and recognition capabilities of Combo Packet are significantly superior to the existing classification methods mentioned.Keywords
Cite This Article
APA Style
Chai, Y., Zhu, Y., Lin, W., Li, D. (2024). Combo packet: an encryption traffic classification method based on contextual information. Computers, Materials & Continua, 79(1), 1223-1243. https://doi.org/10.32604/cmc.2024.049904
Vancouver Style
Chai Y, Zhu Y, Lin W, Li D. Combo packet: an encryption traffic classification method based on contextual information. Comput Mater Contin. 2024;79(1):1223-1243 https://doi.org/10.32604/cmc.2024.049904
IEEE Style
Y. Chai, Y. Zhu, W. Lin, and D. Li "Combo Packet: An Encryption Traffic Classification Method Based on Contextual Information," Comput. Mater. Contin., vol. 79, no. 1, pp. 1223-1243. 2024. https://doi.org/10.32604/cmc.2024.049904
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
