Telecommunications Science ›› 2024, Vol. 40 ›› Issue (6): 89-99.doi: 10.11959/j.issn.1000-0801.2024156

• Research and Development • Previous Articles     Next Articles

A robust encrypted traffic identification scheme based on graph neural network

Mengxiang LI1, Chuang PENG1, Hao WANG1, Chaoming HUANG1,2, Xiaobin TAN1,2   

  1. 1.University of Science and Technology of China, Hefei 230026, China
    2.Institute of Artificial Intelligence, Hefei Comprehensive National Science Center, Hefei 230088, China
  • Received:2024-03-01 Revised:2024-05-12 Online:2024-06-20 Published:2024-07-11
  • Supported by:
    The National Key Research & Development Program of China(2022YFB2901400);The Key Science and Technology Project of Anhui(202103a05020007);The China Environment for Network Innovations(2016-000052-73-01-000515);The National Natural Science Foundation of China(62101525)

Abstract:

The current methods for identifying network traffic are generally designed and tested for specific network environments or datasets, making it difficult to generalize and apply to complex and ever-changing actual network environments. A robust traffic recognition algorithm based on graph neural networks was proposed for achieving accurate traffic recognition in practical network scenarios. Firstly, in response to the current algorithm’s neglect of network environment fluctuations and the decrease in accuracy caused by pattern changes, network flows were clustered and filtered by selecting high-level protocol features to reduce the impact of network bandwidth fluctuations on website access traffic behavior. Secondly, due to the fact that most current algorithms only perform single stream recognition and ignore the interrelationships between flows, the various types of feature information and their correlations of network flows were considered, and spatiotemporal correlation features between network flows were extracted through graph neural networks to fully learn network traffic characteristics. By complementing multiple flows and features, the robustness of the algorithm was improved. Finally, a Transformer model that could capture global data information was used as a classifier to analyze the multi type features of network data flow, achieving robust network traffic recognition. Approximately 1 500 and 1 400 visits to 21 target websites in different network environments were collected as datasets for training and testing, achieving an accuracy of 90.7%. Compared with the latest ProGraph algorithm, the accuracy is improved by 7.3%, and the experimental results verify the effectiveness of the proposed method.

Key words: traffic identification, graph neural network, Transformer

CLC Number: 

No Suggested Reading articles found!