In the field of mobile application traffic analysis, existing methods for accurately identifying encrypted traffic often encounter challenges due to the widespread adoption of encryption channels and the presence of background traffic. Consequently, this study presents a novel mobile application traffic identification model that is in encrypted channels. The proposed model utilizes an adaptive feature extraction technique that combines Convolutional Neural Networks (CNNs) and Gated Recurrent Units (GRUs) to effectively extract abstract features from encrypted mobile application traffic. Additionally, by employing a probability-based comprehensive analysis to filter out low-confidence background traffic interference, the reliability of recognition is further enhanced. Experimental comparisons are conducted to validate the efficacy of the proposed approach. The results demonstrate that the proposed method achieves a remarkable classification accuracy of 95.4% when confronted with background traffic interference, surpassing existing techniques by over 15% in terms of anti-interference performance.
Citation: Jiangtao Zhai, Zihao Wang, Kun Duan, Tao Wang. A novel method for mobile application recognition in encrypted channels[J]. Electronic Research Archive, 2024, 32(1): 193-223. doi: 10.3934/era.2024010
In the field of mobile application traffic analysis, existing methods for accurately identifying encrypted traffic often encounter challenges due to the widespread adoption of encryption channels and the presence of background traffic. Consequently, this study presents a novel mobile application traffic identification model that is in encrypted channels. The proposed model utilizes an adaptive feature extraction technique that combines Convolutional Neural Networks (CNNs) and Gated Recurrent Units (GRUs) to effectively extract abstract features from encrypted mobile application traffic. Additionally, by employing a probability-based comprehensive analysis to filter out low-confidence background traffic interference, the reliability of recognition is further enhanced. Experimental comparisons are conducted to validate the efficacy of the proposed approach. The results demonstrate that the proposed method achieves a remarkable classification accuracy of 95.4% when confronted with background traffic interference, surpassing existing techniques by over 15% in terms of anti-interference performance.
| [1] | S. Kumar, S. Indu, G. S. Walia, Smartphone traffic analysis: a contemporary survey of the state-of-the-art, in Proceedings of the Sixth International Conference on Mathematics and Computing, Springer, 1262 (2021), 325–343. https://doi.org/10.1007/978-981-15-8061-1_26 |
| [2] |
J. Wang, H. Han, H. Li, S. He, P. K. Sharma, L. Chen, Multiple strategies differential privacy on sparse tensor factorization for network traffic analysis in 5G, IEEE Trans. Ind. Inform., 18 (2022), 1939–1948. https://doi.org/10.1109/TII.2021.3082576 doi: 10.1109/TII.2021.3082576
|
| [3] | J. Wang, Y. Yang, T. Wang, R. Sherratt, J. Zhang, Big data service architecture: a survey, J. Internet Technol., 21 (2020), 393–405. |
| [4] |
P. Wang, X. Chen, F. Ye, Z. Sun, A survey of techniques for mobile service encrypted traffic classification using deep learning, IEEE Access, 7 (2019), 54024–54033. https://doi.org/10.1109/ACCESS.2019.2912896 doi: 10.1109/ACCESS.2019.2912896
|
| [5] | H. Yan, H. Li, M. Xiao, R. Dai, X. Zheng, X. Zhao, et al., PGSM-DPI: precisely guided signature matching of deep packet inspection for traffic analysis, in 2019 IEEE Global Communications Conference (GLOBECOM), IEEE, (2019), 1–6. https://doi.org/10.1109/GLOBECOM38437.2019.9013941 |
| [6] |
M. S. Sheikh, Y. Peng, Procedures, criteria, and machine learning techniques for network traffic classification: a survey, IEEE Access, 10 (2022), 61135–61158. https://doi.org/10.1109/ACCESS.2022.3181135 doi: 10.1109/ACCESS.2022.3181135
|
| [7] |
A. Agrawal, A. Bhatia, A. Bahuguna, K. Tiwari, K. Haribabu, D. Vishwakarma, et al., A survey on analyzing encrypted network traffic of mobile devices, Int. J. Inf. Secur., 21 (2022), 873–915. https://doi.org/10.1007/s10207-022-00581-y doi: 10.1007/s10207-022-00581-y
|
| [8] |
G. Aceto, D. Ciuonzo, A. Montieri, A. Pescapé, Mobile encrypted traffic classification using deep learning: experimental evaluation, lessons learned, and challenges, IEEE Trans. Netw. Serv. Manage., 16 (2019), 445–458. https://doi.org/10.1109/TNSM.2019.2899085 doi: 10.1109/TNSM.2019.2899085
|
| [9] | M. Wang, K. Zheng, D. Luo, Y. Yang, X. Wang, An encrypted traffic classification framework based on Convolutional Neural Networks and stacked autoencoders, in 2020 IEEE 6th International Conference on Computer and Communications (ICCC), IEEE, (2022), 634–641. https://doi.org/10.1109/ICCC51575.2020.9344978 |
| [10] |
T. Shapira, Y. Shavitt, FlowPic: a generic representation for encrypted traffic classification and applications identification, IEEE Trans. Netw. Serv. Manage., 18 (2021), 1218–1232. https://doi.org/10.1109/TNSM.2021.3071441 doi: 10.1109/TNSM.2021.3071441
|
| [11] |
Z. Ahmad, A. S. Khan, C. W. Shiang, J. Abdullah, F. Ahmad, Network intrusion detection system: a systematic study of machine learning and deep learning approaches, Trans. Emerging Telecommun. Technol., 32 (2021), e4150. https://doi.org/10.1002/ett.4150 doi: 10.1002/ett.4150
|
| [12] | H. F. Alan, J. Kaur, Can Android applications be identified using only TCP/IP headers of their launch time traffic? in Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, ACM, (2016), 61–66. https://doi.org/10.1145/2939918.2939929 |
| [13] | V. F. Taylor, R. Spolaor, M. Conti, I. Martinovic, Appscanner: automatic fingerprinting of smartphone apps from encrypted network traffic, in 2016 IEEE European Symposium on Security and Privacy (EuroS & P), IEEE, (2016), 439–454. https://doi.org/10.1109/EuroSP.2016.40 |
| [14] | K. Park, H. Kim, Encryption is not enough: inferring user activities on KakaoTalk with traffic analysis, in Information Security Applications, Springer, 9503 (2016), 254–265. https://doi.org/10.1007/978-3-319-31875-2_21 |
| [15] | B. Saltaformaggio, H. Choi, K. Johnson, Y. Kwon, Q. Zhang, X. Zhang, et al., Eavesdropping on Fine-Grained user activities within smartphone apps over encrypted network traffic, in 10th USENIX Workshop on Offensive Technologies (WOOT 16), USENIX Association, 2016. |
| [16] |
S. E. Coull, K. P. Dyer, Traffic analysis of encrypted messaging services: apple iMessage and beyond, ACM SIGCOMM Comput. Commun. Rev., 44 (2014), 5–11. https://doi.org/10.1145/2677046.2677048 doi: 10.1145/2677046.2677048
|
| [17] |
M. Conti, L. V. Mancini, R. Spolaor, N. V. Verde, Analyzing android encrypted network traffic to identify user actions, IEEE Trans. Inf. Forensics Secur., 11 (2015), 114–125. https://doi.org/10.1109/TIFS.2015.2478741 doi: 10.1109/TIFS.2015.2478741
|
| [18] | Z. Wang, The applications of deep learning on traffic identification, BlackHat USA, 24 (2015), 1–10. |
| [19] |
X. Hu, C. Gu, F. Wei, Cld-net: a network combining CNN and LSTM for internet encrypted traffic classification, Secur. Commun. Netw., 2021 (2021), 5518460. https://doi.org/10.1155/2021/5518460 doi: 10.1155/2021/5518460
|
| [20] |
G. Aceto, D. Ciuonzo, A. Montieri, A. Pescapè, MIMETIC: mobile encrypted traffic classification using multimodal deep learning, Comput. Netw., 165 (2019), 106944. https://doi.org/10.1016/j.comnet.2019.106944 doi: 10.1016/j.comnet.2019.106944
|
| [21] | W. Wang, M. Zhu, J. Wang, X. Zeng, Z. Yang, End-to-end encrypted traffic classification with one-dimensional convolution neural networks, in 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), IEEE, (2017), 43–48. https://doi.org/10.1109/ISI.2017.8004872 |
| [22] | A. A. M. Al-Saffar, H. Tao, M. A. Talab, Review of deep convolution neural network in image classification, in 2017 International Conference on Radar, Antenna, Microwave, Electronics, and Telecommunications (ICRAMET), IEEE, (2017), 26–31. https://doi.org/10.1109/ICRAMET.2017.8253139 |
| [23] | W. Wang, M. Zhu, X. Zeng, X. Ye, Y. Sheng, Malware traffic classification using Convolutional Neural Network for representation learning, in 2017 International Conference on Information Networking (ICOIN), IEEE, (2017), 712–717. https://doi.org/10.1109/ICOIN.2017.7899588 |
| [24] | A. F. Agarap, Deep learning using rectified linear units (ReLU), preprint, arXiv: 1803.08375. |
| [25] | A. Labach, H. Salehinejad, S. Valaee, Survey of dropout methods for deep neural networks, preprint, arXiv: 1904.13310. |
| [26] | S. Yang, X. Yu, Y. Zhou, LSTM and GRU neural network performance comparison study: taking yelp review dataset as an example, in 2020 International Workshop on Electronic Communication and Artificial Intelligence (IWECAI), IEEE, (2020), 98–101. https://doi.org/10.1109/IWECAI50956.2020.00027 |
| [27] | H. Falaki, D. Lymberopoulos, R. Mahajan, S. Kandula, D. Estrin, A first look at traffic on smartphones, in Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement, ACM, (2010), 281–287. https://doi.org/10.1145/1879141.1879176 |
| [28] |
W. Wei, H. Gu, W. Deng, Z. Xiao, X. Ren, ABL-TC: a lightweight design for network traffic classification empowered by deep learning, Neurocomputing, 489 (2022), 333–344. https://doi.org/10.1016/j.neucom.2022.03.007 doi: 10.1016/j.neucom.2022.03.007
|
| [29] | Q. Wen, T. Zhou, C. Zhang, W. Chen, Z. Ma, J. Yan, et al., Transformers in time series: a survey, preprint, arXiv: 2202.07125. |
| [30] |
A. Nascita, A. Montieri, G. Aceto, D. Ciuonzo, V. Persico, A. Pescapé, Improving performance, reliability, and feasibility in multimodal multitask traffic classification with XAI, IEEE Trans. Netw. Serv. Manage., 20 (2023), 1267–1289. https://doi.org/10.1109/TNSM.2023.3246794 doi: 10.1109/TNSM.2023.3246794
|
Figures(15) / Tables(10)
Jiangtao Zhai, Zihao Wang, Kun Duan, Tao Wang. A novel method for mobile application recognition in encrypted channels[J]. Electronic Research Archive, 2024, 32(1): 193-223. doi: 10.3934/era.2024010
DownLoad: