Yeasul Kim¹, Chaeeun Won¹, Hwankuk Kim^2,*

CMC-Computers, Materials & Continua, Vol.86, No.1, pp. 1-28, 2026, DOI:10.32604/cmc.2025.069608 - 10 November 2025

Abstract With the increasing emphasis on personal information protection, encryption through security protocols has emerged as a critical requirement in data transmission and reception processes. Nevertheless, IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices, spanning a range of devices from non-encrypted ones to fully encrypted ones. Given the limited visibility into payloads in this context, this study investigates AI-based attack detection methods that leverage encrypted traffic metadata, eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices. Using the UNSW-NB15 and CICIoT-2023 dataset, encrypted and… More >

Jianwei Zhang^1,*, Hongying Zhao², Yuan Feng^3,*, Zengyu Cai², Liang Zhu²

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 5279-5298, 2025, DOI:10.32604/cmc.2025.066367 - 30 July 2025

Abstract Network traffic classification is a crucial research area aimed at improving quality of service, simplifying network management, and enhancing network security. To address the growing complexity of cryptography, researchers have proposed various machine learning and deep learning approaches to tackle this challenge. However, existing mainstream methods face several general issues. On one hand, the widely used Transformer architecture exhibits high computational complexity, which negatively impacts its efficiency. On the other hand, traditional methods are often unreliable in traffic representation, frequently losing important byte information while retaining unnecessary biases. To address these problems, this paper introduces More >

Baoquan Liu^1,3, Xi Chen^2,3, Qingjun Yuan^2,3, Degang Li^2,3, Chunxiang Gu^2,3,*

CMC-Computers, Materials & Continua, Vol.82, No.2, pp. 3179-3201, 2025, DOI:10.32604/cmc.2024.059688 - 17 February 2025

Abstract With the emphasis on user privacy and communication security, encrypted traffic has increased dramatically, which brings great challenges to traffic classification. The classification method of encrypted traffic based on GNN can deal with encrypted traffic well. However, existing GNN-based approaches ignore the relationship between client or server packets. In this paper, we design a network traffic topology based on GCN, called Flow Mapping Graph (FMG). FMG establishes sequential edges between vertexes by the arrival order of packets and establishes jump-order edges between vertexes by connecting packets in different bursts with the same direction. It not… More >

Rongwei Yu, Xiya Guo^*, Peihao Zhang, Kaijuan Zhang

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 2643-2664, 2024, DOI:10.32604/cmc.2024.056165 - 18 November 2024

Abstract Encrypted traffic plays a crucial role in safeguarding network security and user privacy. However, encrypting malicious traffic can lead to numerous security issues, making the effective classification of encrypted traffic essential. Existing methods for detecting encrypted traffic face two significant challenges. First, relying solely on the original byte information for classification fails to leverage the rich temporal relationships within network traffic. Second, machine learning and convolutional neural network methods lack sufficient network expression capabilities, hindering the full exploration of traffic’s potential characteristics. To address these limitations, this study introduces a traffic classification method that utilizes… More >

Il Hwan Ji¹, Ju Hyeon Lee¹, Seungho Jeon², Jung Taek Seo^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.141, No.2, pp. 1519-1549, 2024, DOI:10.32604/cmes.2024.053437 - 27 September 2024

Abstract In the early days of IoT’s introduction, it was challenging to introduce encryption communication due to the lack of performance of each component, such as computing resources like CPUs and batteries, to encrypt and decrypt data. Because IoT is applied and utilized in many important fields, a cyberattack on IoT can result in astronomical financial and human casualties. For this reason, the application of encrypted communication to IoT has been required, and the application of encrypted communication to IoT has become possible due to improvements in the computing performance of IoT devices and the development… More >

Min-Gyu Kim¹, Hwankuk Kim^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.141, No.1, pp. 585-607, 2024, DOI:10.32604/cmes.2024.051221 - 20 August 2024

Abstract In the IoT (Internet of Things) domain, the increased use of encryption protocols such as SSL/TLS, VPN (Virtual Private Network), and Tor has led to a rise in attacks leveraging encrypted traffic. While research on anomaly detection using AI (Artificial Intelligence) is actively progressing, the encrypted nature of the data poses challenges for labeling, resulting in data imbalance and biased feature extraction toward specific nodes. This study proposes a reconstruction error-based anomaly detection method using an autoencoder (AE) that utilizes packet metadata excluding specific node information. The proposed method omits biased packet metadata such as… More >

Saad Abdalla Agaili Mohamed^*, Sefer Kurnaz

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 819-841, 2024, DOI:10.32604/cmc.2024.050474 - 18 July 2024

Abstract VPNs are vital for safeguarding communication routes in the continually changing cybersecurity world. However, increasing network attack complexity and variety require increasingly advanced algorithms to recognize and categorize VPN network data. We present a novel VPN network traffic flow classification method utilizing Artificial Neural Networks (ANN). This paper aims to provide a reliable system that can identify a virtual private network (VPN) traffic from intrusion attempts, data exfiltration, and denial-of-service assaults. We compile a broad dataset of labeled VPN traffic flows from various apps and usage patterns. Next, we create an ANN architecture that can… More >

Yuancong Chai, Yuefei Zhu^*, Wei Lin, Ding Li

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1223-1243, 2024, DOI:10.32604/cmc.2024.049904 - 25 April 2024

Abstract With the increasing proportion of encrypted traffic in cyberspace, the classification of encrypted traffic has become a core key technology in network supervision. In recent years, many different solutions have emerged in this field. Most methods identify and classify traffic by extracting spatiotemporal characteristics of data flows or byte-level features of packets. However, due to changes in data transmission mediums, such as fiber optics and satellites, temporal features can exhibit significant variations due to changes in communication links and transmission quality. Additionally, partial spatial features can change due to reasons like data reordering and retransmission.… More >

Haizhen Wang^1,2,*, Jinying Yan^1,*, Na Jia¹

CMC-Computers, Materials & Continua, Vol.78, No.1, pp. 569-588, 2024, DOI:10.32604/cmc.2023.046055 - 30 January 2024

Abstract Encrypted traffic identification pertains to the precise acquisition and categorization of data from traffic datasets containing imbalanced and obscured content. The extraction of encrypted traffic attributes and their subsequent identification presents a formidable challenge. The existing models have predominantly relied on direct extraction of encrypted traffic data from imbalanced datasets, with the dataset’s imbalance significantly affecting the model’s performance. In the present study, a new model, referred to as UD-VLD (Unbalanced Dataset-VAE-LSTM-DRN), was proposed to address above problem. The proposed model is an encrypted traffic identification model for handling unbalanced datasets. The encoder of the… More >

Kaiyue Wang¹, Jian Gao^1,2,*, Xinyan Lei¹

Intelligent Automation & Soft Computing, Vol.37, No.1, pp. 619-638, 2023, DOI:10.32604/iasc.2023.036701 - 29 April 2023

Abstract Traffic characterization (e.g., chat, video) and application identification (e.g., FTP, Facebook) are two of the more crucial jobs in encrypted network traffic classification. These two activities are typically carried out separately by existing systems using separate models, significantly adding to the difficulty of network administration. Convolutional Neural Network (CNN) and Transformer are deep learning-based approaches for network traffic classification. CNN is good at extracting local features while ignoring long-distance information from the network traffic sequence, and Transformer can capture long-distance feature dependencies while ignoring local details. Based on these characteristics, a multi-task learning model that… More >