About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Security and Privacy in Communication Networks. 19th EAI International Conference, SecureComm 2023, Hong Kong, China, October 19-21, 2023, Proceedings, Part I

Research Article

CUFT: Cuflow-Based Approach with Multi-headed Attention Mechanism for Encrypted Traffic Classification

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-031-64948-6_2,
        author={Xin Zong and Min Luo and Cong Peng and Debiao He},
        title={CUFT: Cuflow-Based Approach with Multi-headed Attention Mechanism for Encrypted Traffic Classification},
        proceedings={Security and Privacy in Communication Networks. 19th EAI International Conference, SecureComm 2023, Hong Kong, China, October 19-21, 2023, Proceedings, Part I},
        proceedings_a={SECURECOMM},
        year={2024},
        month={10},
        keywords={Encrypted traffic classification Cuflow Multi-head attention},
        doi={10.1007/978-3-031-64948-6_2}
    }
    
  • Xin Zong
    Min Luo
    Cong Peng
    Debiao He
    Year: 2024
    CUFT: Cuflow-Based Approach with Multi-headed Attention Mechanism for Encrypted Traffic Classification
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-031-64948-6_2
Xin Zong1, Min Luo1,*, Cong Peng1, Debiao He1
  • 1: Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering
*Contact email: mluo@whu.edu.cn

Abstract

Encrypted traffic classification is essential to network optimization, quality of service improvement, and network security maintenance. However, this task has become increasingly challenging with the emergence of new applications and protocols. Existing deep learning-based methods either directly use the raw packet payloads for classification without considering the contextual relationships between packets, or use flow’s statistical features ignoring the inline relationships between packet payloads. Consequently, these approaches result in less accurate or less generalizable classification, which cannot be adapted to different classification scenarios. To address them, we propose a method called CUFT, which involves separating the irrelevant packets from the original traffic and extracting the continuous unidirectional flows (cuflows) for classification. Subsequently, we utilize the long-distance capturing capability of the multi-head attention mechanism to obtain the contextual relationships among the relevant packets in the cuflow and the inline relationships among the packet payloads. To verify the effectiveness and generality of CUFT across various classification tasks, we conducted experiments on three complex classification tasks using three publicly available datasets, ISCX-Tor, ISCX-VPN and USTC-TFC. Our results show that our proposed method achieves exceptional accuracy rates of 99.67%, 98.33% and 99.18% on these three complex classification tasks respectively.

Keywords
Encrypted traffic classification Cuflow Multi-head attention
Published
2024-10-13
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-031-64948-6_2
Copyright © 2023–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL