Yuancong Chai, Yuefei Zhu^*, Wei Lin, Ding Li

CMC-Computers, Materials & Continua, Vol.79, No.1, pp. 1223-1243, 2024, DOI:10.32604/cmc.2024.049904

Abstract With the increasing proportion of encrypted traffic in cyberspace, the classification of encrypted traffic has become a core key technology in network supervision. In recent years, many different solutions have emerged in this field. Most methods identify and classify traffic by extracting spatiotemporal characteristics of data flows or byte-level features of packets. However, due to changes in data transmission mediums, such as fiber optics and satellites, temporal features can exhibit significant variations due to changes in communication links and transmission quality. Additionally, partial spatial features can change due to reasons like data reordering and retransmission. Faced with these challenges, identifying… More >

Hong Huang¹, Xingxing Zhang^1,*, Ye Lu¹, Ze Li¹, Shaohua Zhou²

CMC-Computers, Materials & Continua, Vol.78, No.3, pp. 3929-3951, 2024, DOI:10.32604/cmc.2024.047918

Abstract While encryption technology safeguards the security of network communications, malicious traffic also uses encryption protocols to obscure its malicious behavior. To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic, we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features, called BERT-based Spatio-Temporal Features Network (BSTFNet). At the packet-level granularity, the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers (BERT) model. At the byte-level granularity,… More >

Yu-Rim Lee¹, Na-Eun Park¹, Seo-Yi Kim², Il-Gu Lee^1,2,*

CMC-Computers, Materials & Continua, Vol.76, No.3, pp. 3465-3482, 2023, DOI:10.32604/cmc.2023.041196

Abstract With the introduction of 5G technology, the application of Internet of Things (IoT) devices is expanding to various industrial fields. However, introducing a robust, lightweight, low-cost, and low-power security solution to the IoT environment is challenging. Therefore, this study proposes two methods using a data compression technique to detect malicious traffic efficiently and accurately for a secure IoT environment. The first method, compressed sensing and learning (CSL), compresses an event log in a bitmap format to quickly detect attacks. Then, the attack log is detected using a machine-learning classification model. The second method, precise re-learning after CSL (Ra-CSL), comprises a… More >

Kaiyue Wang¹, Jian Gao^1,2,*, Xinyan Lei¹

Intelligent Automation & Soft Computing, Vol.37, No.1, pp. 619-638, 2023, DOI:10.32604/iasc.2023.036701

Abstract Traffic characterization (e.g., chat, video) and application identification (e.g., FTP, Facebook) are two of the more crucial jobs in encrypted network traffic classification. These two activities are typically carried out separately by existing systems using separate models, significantly adding to the difficulty of network administration. Convolutional Neural Network (CNN) and Transformer are deep learning-based approaches for network traffic classification. CNN is good at extracting local features while ignoring long-distance information from the network traffic sequence, and Transformer can capture long-distance feature dependencies while ignoring local details. Based on these characteristics, a multi-task learning model that combines Transformer and 1D-CNN for… More >

Jiangtao Zhai^1,*, Peng Lin¹, Yongfu Cui¹, Lilong Xu¹, Ming Liu²

CMES-Computer Modeling in Engineering & Sciences, Vol.136, No.2, pp. 2069-2092, 2023, DOI:10.32604/cmes.2023.023764

Abstract Encrypted traffic classification has become a hot issue in network security research. The class imbalance problem of traffic samples often causes the deterioration of Machine Learning based classifier performance. Although the Generative Adversarial Network (GAN) method can generate new samples by learning the feature distribution of the original samples, it is confronted with the problems of unstable training and mode collapse. To this end, a novel data augmenting approach called GraphCWGAN-GP is proposed in this paper. The traffic data is first converted into grayscale images as the input for the proposed model. Then, the minority class data is augmented with… More >

Chaebeen Nam¹, Sa Math¹, Prohim Tam¹, Seokhoon Kim^1,2,*

CMC-Computers, Materials & Continua, Vol.73, No.2, pp. 4087-4102, 2022, DOI:10.32604/cmc.2022.030575

Abstract Heterogeneous Internet of Things (IoT) applications generate a diversity of novelty applications and services in next-generation networks (NGN), which is essential to guarantee end-to-end (E2E) communication resources for both control plane (CP) and data plane (DP). Likewise, the heterogeneous 5th generation (5G) communication applications, including Mobile Broadband Communications (MBBC), massive Machine-Type Commutation (mMTC), and ultra-reliable low latency communications (URLLC), obligate to perform intelligent Quality-of-Service (QoS) Class Identifier (QCI), while the CP entities will be suffered from the complicated massive HIOT applications. Moreover, the existing management and orchestration (MANO) models are inappropriate for resource utilization and allocation in large-scale and complicated… More >

Mustafa Al-Fayoumi¹, Mohammad Al-Fawa’reh², Shadi Nashwan^3,*

CMC-Computers, Materials & Continua, Vol.72, No.2, pp. 3091-3111, 2022, DOI:10.32604/cmc.2022.025103

Abstract The continual growth of the use of technological appliances during the COVID-19 pandemic has resulted in a massive volume of data flow on the Internet, as many employees have transitioned to working from home. Furthermore, with the increase in the adoption of encrypted data transmission by many people who tend to use a Virtual Private Network (VPN) or Tor Browser (dark web) to keep their data privacy and hidden, network traffic encryption is rapidly becoming a universal approach. This affects and complicates the quality of service (QoS), traffic monitoring, and network security provided by Internet Service Providers (ISPs), particularly for… More >

Muhammad Basit Umair¹, Zeshan Iqbal¹, Muhammad Bilal², Jamel Nebhen⁴, Tarik Adnan Almohamad³, Raja Majid Mehmood^5,*

CMC-Computers, Materials & Continua, Vol.71, No.1, pp. 407-422, 2022, DOI:10.32604/cmc.2022.020727

Abstract Internet of Things (IoT) defines a network of devices connected to the internet and sharing a massive amount of data between each other and a central location. These IoT devices are connected to a network therefore prone to attacks. Various management tasks and network operations such as security, intrusion detection, Quality-of-Service provisioning, performance monitoring, resource provisioning, and traffic engineering require traffic classification. Due to the ineffectiveness of traditional classification schemes, such as port-based and payload-based methods, researchers proposed machine learning-based traffic classification systems based on shallow neural networks. Furthermore, machine learning-based models incline to misclassify internet traffic due to improper… More >

Jiaming Mao^1,*, Mingming Zhang¹, Mu Chen², Lu Chen², Fei Xia¹, Lei Fan¹, ZiXuan Wang³, Wenbing Zhao⁴

Computer Systems Science and Engineering, Vol.39, No.3, pp. 373-390, 2021, DOI:10.32604/csse.2021.018086

Abstract The rapidly increasing popularity of mobile devices has changed the methods with which people access various network services and increased network traffic markedly. Over the past few decades, network traffic identification has been a research hotspot in the field of network management and security monitoring. However, as more network services use encryption technology, network traffic identification faces many challenges. Although classic machine learning methods can solve many problems that cannot be solved by port- and payload-based methods, manually extract features that are frequently updated is time-consuming and labor-intensive. Deep learning has good automatic feature learning capabilities and is an ideal… More >

Mo Chen¹, Xiaojuan Wang^{1, *}, Mingshu He¹, Lei Jin¹, Khalid Javeed², Xiaojun Wang³

CMC-Computers, Materials & Continua, Vol.64, No.2, pp. 941-959, 2020, DOI:10.32604/cmc.2020.09802

Abstract Attacks on websites and network servers are among the most critical threats in network security. Network behavior identification is one of the most effective ways to identify malicious network intrusions. Analyzing abnormal network traffic patterns and traffic classification based on labeled network traffic data are among the most effective approaches for network behavior identification. Traditional methods for network traffic classification utilize algorithms such as Naive Bayes, Decision Tree and XGBoost. However, network traffic classification, which is required for network behavior identification, generally suffers from the problem of low accuracy even with the recently proposed deep learning models. To improve network… More >