Advertisement

Deep learning-based real-time VPN encrypted traffic identification methods

  • Lulu GuoEmail author
  • Qianqiong Wu
  • Shengli Liu
  • Ming Duan
  • Huijie Li
  • Jianwen Sun
Special Issue Paper
  • 8 Downloads

Abstract

With the widespread application of virtual private network (VPN) technology, real-time VPN traffic identification has become an increasingly important task in network management and security maintenance. Since traditional encrypted traffic identification technology is not effective in feature extraction and selection, this paper proposes two deep learning-based models to classify the traffic into VPN and non-VPN traffic, identify VPN traffic generated by six different applications much further. Our models utilize convolutional auto-encoding (CAE) and convolutional neural network (CNN), respectively, preprocessing the traffic samples into session pictures, to accomplish the experiment objectives. The CAE-based method, utilizing the unsupervised nature of CAE to extract the hidden layer features, can automatically learn the nonlinear relationship between original input and expected output. The CNN-based method performs well in extracting two-dimensional local features of images. Experimental results show that our models perform better than traditional identification methods. In the two-category identification, the best result comes from the CAE-based model; the overall identification accuracy rate is 98.77%. Among the six-category identification, the best result comes from CNN-based model; the overall identification accuracy rate is 92.92%.

Keywords

CAE CNN Real time VPN Identification 

Notes

References

  1. 1.
    Wubin, P., Guang, C., Xiaojun, G., et al.: Review and perspective on encrypted traffic identification research[J]. Trans. Commun. 37(9), 154–167 (2016) (in Chinese) Google Scholar
  2. 2.
    Qi, L., Zhou, Z., Jiguo, Yu., Liu, Q.: Data-sparsity tolerant web service recommendation approach based on improved collaborative filtering. IEICE Trans. Inf. Syst. E100D(9), 2092–2099 (2017)CrossRefGoogle Scholar
  3. 3.
    Wei, W., Zhang, H., Li, B., et al.: Active Identification of VPN server based on correlation detecting[J]. Ind. Control Comput. 30(3), 111–112 (2017) (in Chinese) Google Scholar
  4. 4.
    Draper-Gil, G., Lashkari, A.H., Mamun, M.S.I., et al.: Characterization of encrypted and VPN traffic using time-related features. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP 2016), pp. 407–414 (2016)Google Scholar
  5. 5.
    Bagui, S., Fang, X., Kalaimannan, E., et al.: Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features. J. Cyber Secur. Technol. 1(2), 108–126 (2017)CrossRefGoogle Scholar
  6. 6.
    Yamansavascilar, B., Guvensan, M.A., Yavuz, A.G., et al.: Application identification via network traffic classification. In: IEEE International Conference on Computing, Networking and Communications (ICNC). IEEE, pp. 843–848 (2017)Google Scholar
  7. 7.
    Wang, Z.: The applications of deep learning on traffic identification[J]. BlackHat USA, 24p (2015)Google Scholar
  8. 8.
    Lotfollahi, M., Siavoshani, M.J., Zade, R.S.H., et al.: Deep packet: a novel approach for encrypted traffic classification using deep learning. Soft. Comput. (2017).  https://doi.org/10.1007/s00500-019-04030-2 CrossRefGoogle Scholar
  9. 9.
    Wang, W., Zhu, M., Wang, J., et al.: End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, pp. 43–48 (2017)Google Scholar
  10. 10.
    Li, D., Zhu, Y., Lin. W.: Mobile app traffic identification based on visual perception feature[J]. J. Comput. App. 2019(4) (in Chinese) Google Scholar
  11. 11.
    Chen, X., Wang, P., Yu, J.: CNN based encrypted traffic identification method. J. Nanjing Univ. Posts Telecommun. Nat. Sci. Edn. (2018).  https://doi.org/10.14132/j.cnki.1673-5439.2018.06.006 CrossRefGoogle Scholar
  12. 12.
    Wang, P., Chen, X.: SAE-based encrypted traffic identification method. Comput. Eng. 44(11), 140–147 (2018).  https://doi.org/10.19678/j.issn.1000-3428.0052059 CrossRefGoogle Scholar
  13. 13.
    Wang, W., Zhu, M., Zeng, X., et al.: Malware traffic classification using convolutional neural network for representation learning. In: 2017 International Conference on Information Networking (ICOIN). IEEE, pp. 712–717 (2017)Google Scholar
  14. 14.
    Jia, Q., Wang, X., Zhou, L., et al.: New Local feature description algorithm based on improved convolutional auto-encoder[J]. Comput. Eng. Appl. 53(19), 184–191 (2017) (in Chinese) Google Scholar
  15. 15.
    Zhao, J., Mathieu, M., Goroshin, R., et al.: Stacked what-where auto-encoders[J] (2015). http://arXiv.org/abs/1506.02351
  16. 16.
    Xu, F., Zhang, X., Xin, Z., et al.: Investigation on the Chinese text sentiment analysis based on convolutional neural networks in deep learning[J]. Comput. Mater. Contin 58(3), 697–709 (2019)CrossRefGoogle Scholar
  17. 17.
    Pan, L., Qin, J., Chen, H., et al.: Image augmentation-based food recognition with convolutional neural networks[J]. CMC Comput. Mater. Contin. 59(1), 297–313 (2019)Google Scholar
  18. 18.
    Liu, Z., Xiang, B., Song, Y., et al.: An improved unsupervised image segmentation method based on multi-objective particle swarm optimization clustering algorithm[J]. CMC Comput. Mater. Contin. 58(2), 451–461 (2019). (ISBN:978-1-4503-0000-0/18/06) Google Scholar
  19. 19.
    Hong, X., Zheng, X., Xia, J., et al.: Cross-lingual non-ferrous metals related news recognition method based on CNN with a limited bi-lingual dictionary[J]. Comput. Mater. Contin. 58(2), 379–389 (2019)CrossRefGoogle Scholar
  20. 20.
    Rezaei, S., Liu, X.: Deep learning for encrypted traffic classification: an overview. IEEE Commun. Mag. 57(5), 76–81 (2019)CrossRefGoogle Scholar
  21. 21.
    Glorot, X., Bengio, Y.: Understanding the difficulty of training deep feedforward neural networks. In: Proceedings of the thirteenth international conference on artificial intelligence and statistics, pp 249–256 (2010)Google Scholar
  22. 22.
    Zhou, Z., Mu, Y., Wu, Q.M.J.: Coverless Image steganography using partial-duplicate image retrieval[J]. Soft Comput. 23(13), 4927–4938 (2019)CrossRefGoogle Scholar
  23. 23.
    Zhou, Z., Wu, J.Q.M., Sun, X.: Multiple distances-based coding: toward scalable feature matching for large-scale web image search. IEEE Trans Big Data (2019).  https://doi.org/10.1109/tbdata.2019.2919570 CrossRefGoogle Scholar
  24. 24.
    Yildirim, T., Radcliffe, P.J.: VoIP traffic classification in IPSec tunnels. In: 2010 International Conference on Electronics and Information Engineering. IEEE, Vol 1, pp V1-151–V1-157 (2010)Google Scholar
  25. 25.
    Ximenes, E., Yeo, K.C., Azam, S., et al.: Performance analysis of various encryption techniques in communication network[J]. Asian J. Inf. Technol. 16(1), 125–130 (2017)Google Scholar
  26. 26.
    Singh, K.K.V.V., Gupta, H.: A new approach for the security of VPN. In: Proceedings of the Second International conference on Information and Communication Technology for Competitive Strategies. ACM, 13p (2016)Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Lulu Guo
    • 1
    Email author
  • Qianqiong Wu
    • 2
    • 3
  • Shengli Liu
    • 1
  • Ming Duan
    • 1
  • Huijie Li
    • 1
  • Jianwen Sun
    • 1
  1. 1.Cyberspace Security InstituteInformation Engineering UniversityZhengzhouChina
  2. 2.Institute of Electrical Engineering and Automation, Luoyang Institute of Science and TechnologyLuoyangChina
  3. 3.Tampere University of Applied SciencesPirkanmaaFinland

Personalised recommendations