After decades of rapid development, the scale and complexity of modern networks have far exceed our expectations. In many conditions, traditional traffic identification methods cannot meet the demand of modern networks. Recently, fine-grained network traffic identification has been proved to be an effective solution for managing network resources. There is a massive increase in the use of fine-grained network traffic identification in the communications industry. In this article, we propose a comprehensive overview of fine-grained network traffic identification. Then, we conduct a detailed literature review on fine-grained network traffic identification from three perspectives: wired network, mobile network, and malware traffic identification. Finally, we also draw the conclusion on the challenges of fine-grained network traffic identification and future research prospects.
Citation: Xiaolin Gui, Yuanlong Cao, Ilsun You, Lejun Ji, Yong Luo, Zhenzhen Luo. A Survey of techniques for fine-grained web traffic identification and classification[J]. Mathematical Biosciences and Engineering, 2022, 19(3): 2996-3021. doi: 10.3934/mbe.2022138
After decades of rapid development, the scale and complexity of modern networks have far exceed our expectations. In many conditions, traditional traffic identification methods cannot meet the demand of modern networks. Recently, fine-grained network traffic identification has been proved to be an effective solution for managing network resources. There is a massive increase in the use of fine-grained network traffic identification in the communications industry. In this article, we propose a comprehensive overview of fine-grained network traffic identification. Then, we conduct a detailed literature review on fine-grained network traffic identification from three perspectives: wired network, mobile network, and malware traffic identification. Finally, we also draw the conclusion on the challenges of fine-grained network traffic identification and future research prospects.
[1] | F. Hernández-Campos, K. Jeffay, F. D. Smith, Tracking the evolution of web traffic: 1995–2003, in 11th IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer Telecommunications Systems, (2003), 16–25. https://doi.org/10.1109/MASCOT.2003.1240638 |
[2] | H. Schulze, K. Mochalski, Internet study 2008/2009, Ipoque Rep., 37 (2009), 351–362. |
[3] | T. Zimmermann, J. Rüth, B. Wolters, O. Hohlfeld, How HTTP/2 pushes the web: An empirical study of HTTP/2 server push, in 2017 IFIP Networking Conference (IFIP Networking) and Workshops, (2017), 1–9. https://doi.org/10.23919/IFIPNetworking.2017.8264830 |
[4] | O. Hohlfeld, J. Rüth, K. Wolsing, T. Zimmermann, Characterizing a meta-CDN, in International Conference on Passive and Active Network Measurement, (2018), 114–128. https://doi.org/10.1007/978-3-319-76481-8_9 |
[5] | F. Lichtblau, F. Streibelt, T. Krüger, P. Richter, A. Feldmann, Detection, classification, and analysis of inter-domain traffic with spoofed source IP addresses, in Proceedings of the 2017 Internet Measurement Conference, (2017), 86–99. https://doi.org/10.1145/3131365.3131367 |
[6] | A. Al-Najjar, S. Teed, J. Indulska, M. Portmann, Flow-based load balancing of web traffic using OpenFlow, in 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), (2017), 1–6. https://doi.org/10.1109/ATNAC.2017.8215411 |
[7] | Cisco, Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2016–2021, 2017. Available from: https://www.ramonmillan.com. |
[8] | W. Li, A. W. Moore, M. Canini, Classifying HTTP traffic in the new age, ACM SIGCOMM, 8 (2008), 17–22. |
[9] | J. Liu, C. Fang, N. Ansari, Request dependency graph: A model for web usage mining in large-scale web of things, IEEE Internet Things J., 3 (2016), 598–608. https://doi.org/10.1109/JIOT.2015.2452964 doi: 10.1109/JIOT.2015.2452964 |
[10] | L. Vassio, I. Drago, M. Mellia, Detecting user actions from HTTP traces: toward an automatic approach, in 2016 International Wireless Communications and Mobile Computing Conference (IWCMC), (2016), 50–55. https://doi.org/10.1109/IWCMC.2016.7577032 |
[11] | G. Scavo, Z. B. Houidi, S. Traverso, R. Teixeira, M. Mellia, WeBrowse: mining HTTP logs online for network-based content recommendation, preprint, arXiv: 1602.06678. |
[12] | P. Fiadino, A. Bar, P. Casas, HTTPTag: a flexible on-line HTTP classification system for operational 3G networks, in 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), (2013), 71–72. https://doi.org/10.1109/INFCOMW.2013.6970744 |
[13] | X. Gui, J. Liu, Q. Lv, C. Dong, Z. Lei, Probabilistic top-k query: model and application on web traffic analysis, China Commun., 13 (2016), 123–137. https://doi.org/10.1109/CC.2016.7513208 doi: 10.1109/CC.2016.7513208 |
[14] | J. Sun, L. She, H. Chen, W. Zhong, C. Chang, Z. Chen, et al., Automatically identifying apps in mobile traffic, Concurrency Comput. Pract. Exper., 28 (2016), 3927–3941. https://doi.org/10.1002/cpe.3703 doi: 10.1002/cpe.3703 |
[15] | G. Aceto, D. Ciuonzo, A. Montieri, A. Pescapé, Mobile encrypted traffic classification using deep learning: experimental evaluation, lessons learned, and challenges, IEEE Trans. Network Serv. Manage., 16 (2019), 445–458. https://doi.org/10.1109/TNSM.2019.2899085 doi: 10.1109/TNSM.2019.2899085 |
[16] | P. Białczak, W. Mazurczyk, Characterizing anomalies in malware-generated HTTP traffic, Secur. Commun. Networks, 2020 (2020). https://doi.org/10.1155/2020/8848863 doi: 10.1155/2020/8848863 |
[17] | J. Li, H. Zhang, Z. Wei, The weighted word2vec paragraph vectors for anomaly detection over HTTP traffic, IEEE Access, 8 (2020), 141787–141798. https://doi.org/10.1109/ACCESS.2020.3013849 doi: 10.1109/ACCESS.2020.3013849 |
[18] | G. D'Angelo, F. Palmieri, Network traffic classification using deep convolutional recurrent autoencoder neural networks for spatial–temporal features extraction, J. Network Comput. Appl., 173 (2021), 102890. https://doi.org/10.1016/j.jnca.2020.102890 doi: 10.1016/j.jnca.2020.102890 |
[19] | S. Dong, Y. Xia, T. Peng, Traffic identification model based on generative adversarial deep convolutional network, Ann. Telecommun., (2021), 1–15. https://doi.org/10.1007/s12243-021-00876-6 doi: 10.1007/s12243-021-00876-6 |
[20] | T. T. Nguyen, G. Armitage, A survey of techniques for internet traffic classification using machine learning, IEEE Commun. Surv. Tutorials, 10 (2008), 56–76. https://doi.org/10.1109/SURV.2008.080406 doi: 10.1109/SURV.2008.080406 |
[21] | A. Callado, C. Kamienski, G. Szabó, B. P. Gero, J. Kelner, S. Fernandes, et al., A survey on internet traffic identification, IEEE Commun. Surv. Tutorials, 11 (2009), 37–52. https://doi.org/10.1109/SURV.2009.090304 doi: 10.1109/SURV.2009.090304 |
[22] | A. Dainotti, A. Pescape, K. C. Claffy, Issues and future directions in traffic classification, IEEE Network, 26 (2012), 35–40. https://doi.org/10.1109/MNET.2012.6135854 doi: 10.1109/MNET.2012.6135854 |
[23] | M. Finsterbusch, C. Richter, E. Rocha, J. Muller, K. Hanssgen, A survey of payload-based traffic classification approaches, IEEE Commun. Surv. Tutorials, 16 (2013), 1135–1156. https://doi.org/10.1109/SURV.2013.100613.00161 doi: 10.1109/SURV.2013.100613.00161 |
[24] | D. Naboulsi, M. Fiore, S. Ribot, R. Stanica, Large-scale mobile traffic analysis: a survey, IEEE Commun. Surv. Tutorials, 18 (2015), 124–161. https://doi.org/10.1109/COMST.2015.2491361 doi: 10.1109/COMST.2015.2491361 |
[25] | P. Velan, M. Cermak, P. Celeda, M. Drasar, A survey of methods for encrypted traffic classification and analysis, Int. J. Network Manage., 25 (2015), 355–374. https://doi.org/10.1002/nem.1901 doi: 10.1002/nem.1901 |
[26] | D. Acarali, M. Rajarajan, N. Komninos, I. Herwono, Survey of approaches and features for the identification of HTTP-based botnet traffic, J. Network Comput. Appl., 76 (2016), 1–15. https://doi.org/10.1016/j.jnca.2016.10.007 doi: 10.1016/j.jnca.2016.10.007 |
[27] | W. Pan, G. Cheng, X. Guo, S. Huang, Review and perspective on encrypted traffic identification research, J. Commun., 37 (2016), 154–167. https://doi.org/10.11959/j.issn.1000-436x.2016187 doi: 10.11959/j.issn.1000-436x.2016187 |
[28] | F. Pacheco, E. Exposito, M. Gineste, C. Baudoin, J. Aguilar, Towards the deployment of machine learning solutions in network traffic classification: A systematic survey, IEEE Commun. Surv. Tutorials, 21 (2018), 1988–2014. https://doi.org/10.1109/COMST.2018.2883147 doi: 10.1109/COMST.2018.2883147 |
[29] | S. Rezaei, X. Liu, Deep learning for encrypted traffic classification: an overview, IEEE Commun. Mag., 57 (2019), 76–81. https://doi.org/10.1109/MCOM.2019.1800819 doi: 10.1109/MCOM.2019.1800819 |
[30] | A. D'Alconzo, I. Drago, A. Morichetta, M. Mellia, P. Casas, A survey on big data for network traffic monitoring and analysis, IEEE Trans. Network Serv. Manage., 16 (2019), 800–813. https://doi.org/10.1109/TNSM.2019.2933358 doi: 10.1109/TNSM.2019.2933358 |
[31] | W. M. Shbair, T. Cholez, J. François, I. Chrisment, A survey of HTTPS traffic and services identification approaches, preprint, arXiv: 2008.08339. |
[32] | G. Aceto, D. Ciuonzo, A. Montieri, A. Pescape, Toward effective mobile encrypted traffic classification through deep learning, Neurocomputing, 409 (2020), 306–315. https://doi.org/10.1016/j.neucom.2020.05.036 doi: 10.1016/j.neucom.2020.05.036 |
[33] | A. Shahraki, M. Abbasi, A. Taherkordi, A. D. Jurcut, . Active learning for network traffic classification: a technical study, preprint, arXiv: 2106.06933. |
[34] | S. Dong, R. Li, Traffic identification method based on multiple probabilistic neural network model, Neural Comput. Appl., 31 (2019), 473–487. https://doi.org/10.1007/s00521-017-3081-x doi: 10.1007/s00521-017-3081-x |
[35] | H. Tang, Z. Li, Design and implementation of a DPI-Based P2P traffic control system, Inf. Secur. Commun. Privacy, 6 (2007). |
[36] | M. Soysal, E. G. Schmidt, Machine learning algorithms for accurate flow-based network traffic classification: evaluation and comparison, Perform. Eval., 67 (2010), 451–467. https://doi.org/10.1016/j.peva.2010.01.001 doi: 10.1016/j.peva.2010.01.001 |
[37] | S. Dong, Multi class SVM algorithm with active learning for network traffic classification, Expert Syst. Appl., 176 (2021), 114885. https://doi.org/10.1016/j.eswa.2021.114885 doi: 10.1016/j.eswa.2021.114885 |
[38] | F. Haddadi, A. N. Zincir-Heywood, Benchmarking the effect of flow exporters and protocol filters on botnet traffic classification, IEEE Syst. J., 10 (2016), 1390–1401. https://doi.org/10.1109/JSYST.2014.2364743 doi: 10.1109/JSYST.2014.2364743 |
[39] | T. Bakhshi, B. Ghita, On internet traffic classification: A two-phased machine learning approach, J. Comput. Networks Commun., 2016 (2016). https://doi.org/10.1155/2016/2048302 doi: 10.1155/2016/2048302 |
[40] | S. Dong, X. Zhang, D. Zhou, Auto adaptive identification algorithm based on network traffic flow, Int. J. Comput. Commun. Control, 9 (2014), 672–685. http://dx.doi.org/10.1145/1080091.1080119 doi: 10.1145/1080091.1080119 |
[41] | Y. Dong, J. Zhao, J. Jin, Novel feature selection and classification of Internet video traffic based on a hierarchical scheme, Comput. Networks, 119 (2017), 102–111. https://doi.org/10.1016/j.comnet.2017.03.019 doi: 10.1016/j.comnet.2017.03.019 |
[42] | S. Dong, W. Liu, D. Zhou, Y. Qi, NSVM: A new SVM algorithm based on traffic flow metric, J. Internet Technol., 16 (2015), 1005–1014. |
[43] | R. Dubin, A. Dvir, O. Pele, O. Hadar, I know what you saw last minute—encrypted http adaptive video streaming title classification, IEEE Trans. Inf. Forensics Secur., 12 (2017), 3039–3049. https://doi.org/10.1109/TIFS.2017.2730819 doi: 10.1109/TIFS.2017.2730819 |
[44] | H. D. Trinh, A. F. Gambin, L. Giupponi, M. Rossi, P. Dini, Mobile traffic classification through physical control channel fingerprinting: a deep learning approach, IEEE Trans. Network Serv. Manage., 2020 (2020). https://doi.org/10.1109/TNSM.2020.3028197 doi: 10.1109/TNSM.2020.3028197 |
[45] | M. Xie, J. Fu, Y. Wang, G. Peng, Monitoring and blocking methods of HTTP traffic injection in mobile web browser, J. Wuhan Univ., 63 (2017), 385–396. |
[46] | G. Rizothanasis, N. Carlsson, A. Mahanti, Identifying user actions from HTTP (S) traffic, in 2016 IEEE 41st Conference on Local Computer Networks (LCN), (2016), 555–558. https://doi.org/10.1109/LCN.2016.91 |
[47] | J. Manzoor, I. Drago, R. Sadre, How HTTP/2 is changing web traffic and how to detect it, in 2017 Network Traffic Measurement and Analysis Conference (TMA), (2017), 1–9. https://doi.org/10.23919/TMA.2017.8002899 |
[48] | J. Muehlstein, Y. Zion, M. Bahumi, I. Kirshenboim, R. Dubin, A. Dvir, et al., Analyzing HTTPS encrypted traffic to identify user's operating system, browser and application, in 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), (2017), 1–6. https://doi.org/10.1109/CCNC.2017.8013420 |
[49] | T. Petsas, A. Papadogiannakis, M. Polychronakis, E. P. Markatos, T. Karagiannis, Measurement, modeling, and analysis of the mobile app ecosystem, ACM Trans. Model. Perform. Eval. Comput. Syst., 2 (2017), 7. https://doi.org/10.1145/2993419 doi: 10.1145/2993419 |
[50] | M. Rapoport, P. Suter, E. Wittern, O. Lhotak, J. Dolby, Who you gonna call? Analyzing web requests in Android applications, in 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR), (2017), 80–90. https://doi.org/10.1109/MSR.2017.11 |
[51] | Z. B. Houidi, G. Scavo, S. Ghamri-Doudane, A. Finamore, S. Traverso, M. Mellia, Gold mining in a river of internet content traffic, in International Workshop on Traffic Monitoring and Analysis, Springer, (2014), 91–103. https://doi.org/10.1007/978-3-642-54999-1_8 |
[52] | UNIBS, 2011. Available from: http://netweb.ing.unibs.it/ ntw/tools/traces/. |
[53] | CIC, 2021. Available from: https://www.unb.ca/cic/datasets/. |
[54] | UMass, 2021. Available from: http://skuld.cs.umass.edu/traces/network/README-webident2. |
[55] | CAIDA, 2021. Available from: https://catalog.caida.org/search?query=types=dataset. |
[56] | WIDE, 2021. Available from: http://mawi.wide.ad.jp/mawi/. |
[57] | G. Maier, A. Feldmann, V. Paxson, A. Mark, On dominant characteristics of residential broadband internet traffic, in Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement Conference, (2009), 90–102. https://doi.org/10.1145/1644893.1644904 |
[58] | L. Bernaille, R. Teixeira, I. Akodkenou, A. Soule, K. Salamatian, Traffic classification on the fly, ACM SIGCOMM Comput. Commun. Rev., 36 (2006), 23–26. https://doi.org/10.1145/1129582.1129589 doi: 10.1145/1129582.1129589 |
[59] | L. Bernaille, R. Teixeira, K. Salamatian, Early application identification, in Proceedings of the 2006 ACM CoNEXT Conference, (2006), 1–12. https://doi.org/10.1145/1368436.1368445 |
[60] | L. Bernaille, R. Teixeira, Early recognition of encrypted applications, in International Conference on Passive and Active Network Measurement, (2007), 165–175. https://doi.org/10.1007/978-3-540-71617-4_17 |
[61] | A. Este, F. Gringoli, L. Salgarelli, On the stability of the information carried by traffic flow features at the packet level, ACM SIGCOMM Comput. Commun. Rev., 39 (2009), 13–18. https://doi.org/10.1145/1568613.1568616 doi: 10.1145/1568613.1568616 |
[62] | N. Huang, G. Jai, H. Chao, Early identifying application traffic with application characteristics, in 2008 IEEE International Conference on Communications, (2008), 5788–5792. https://doi.org/10.1109/ICC.2008.1083 |
[63] | N. Huang, G. Jai, H. Chao, Y. Tzang, H. Chang, Application traffic classification at the early stage by characterizing application rounds, Inf. Sci., 232 (2013), 130–142. https://doi.org/10.1016/j.ins.2012.12.039 doi: 10.1016/j.ins.2012.12.039 |
[64] | T. T. Nguyen, G. Armitage, P. Branch, S. Zander, Timely and continuous machine-learning-based classification for interactive IP traffic, IEEE/ACM Trans. Networking, 20 (2012), 1880–1894. https://doi.org/10.1109/TNET.2012.2187305 doi: 10.1109/TNET.2012.2187305 |
[65] | G. He, M. Yang, J. Luo, L. Zhang, Online identification of tor anonymous communication traffic, J. Commun., 24 (2013), 540–556. |
[66] | L. Chen, J. Gong, Fast application-level traffic classification using NetFlow records, J. Commun., 33 (2012), 145–152. https://doi.org/1000-436X(2012)01-0145-08 |
[67] | S. Dong, W. Ding, Traffic classification model based on fusion of multiple classifiers with flow preference, J. Commun., 34 (2013), 143–152. https://doi.org/10.3969/j.issn.1000-436x.2013.10.017 doi: 10.3969/j.issn.1000-436x.2013.10.017 |
[68] | V. Paxson, Empirically derived analytic models of wide-area TCP connections, IEEE/ACM Trans. Networking, 2 (1994), 316–336. https://doi.org/10.1109/90.330413 doi: 10.1109/90.330413 |
[69] | C. Dewes, A. Wichmann, A. Feldmann, An analysis of Internet chat systems, in Proceedings of the 3rd ACM SIGCOMM Conference on Internet Measurement, (2003), 51–64. https://doi.org/10.1145/948205.948214 |
[70] | T. Lang, G. Armitage, P. Branch, H. Choo, A synthetic traffic model for half-life, in Aust. Telecommun. Networks Appl. Conference, 2003 (2003), 1–5. |
[71] | T. Lang, P. Branch, G. Armitage, A synthetic traffic model for Quake3, in Proceedings of the 2004 ACM SIGCHI International Conference on Advances in Computer Entertainment Technology, (2004), 233–238. https://doi.org/10.1145/1067343.1067373 |
[72] | S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, et al. The design of GrIDS: A graph-based intrusion detection system, in Technical Report CSE-99-2, UC Davis Computer Science Department, (1999). |
[73] | M. Iliofotou, P. Pappu, M. Faloutsos, M. Mitzenmacher, S. Singh, G. Varghese, Network monitoring using traffic dispersion graphs (tdgs), in Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement, (2007), 315–320. https://doi.org/10.1145/1298306.1298349 |
[74] | M. Iliofotou, H. Kim, M. Faloutsos, M. Mitzenmacher, P. Pappu, G. Varghese, Graption: a graph-based P2P traffic classification framework for the internet backbone, Comput. Networks, 55 (2011), 1909–1920. https://doi.org/10.1016/j.comnet.2011.01.020 doi: 10.1016/j.comnet.2011.01.020 |
[75] | Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2017–2022 White Paper, 2019. Available from: https://branden.biz/wp-content/uploads/2019/05/white-paper-c11-738429.pdf. |
[76] | A. Gember, A. Anand, A. Akella, A comparative study of handheld and non-handheld traffic in campus wi-fi networks, in International Conference on Passive and Active Network Measurement, (2011), 173–183. https://doi.org/10.1007/978-3-642-19260-9_18 |
[77] | J. Liu, T. Li, G. Chen, Y. Hua, Z. Lei, Mining and modelling the dynamic patterns of service providers in cellular data network based on big data analysis, China Commun., 10 (2013), 25–26. https://doi.org/10.1109/CC.2013.6723876 doi: 10.1109/CC.2013.6723876 |
[78] | S. Dong, D. Zhou, W. Ding, Traffic classification model based on integration of multiple classifiers, J. Comput. Inf. Syst., 8 (2012), 10429–10437. |
[79] | X. Gui, J. Liu, C. Li, Q. Lv, Z. Lei, Fine-grained analysis of cellular smartphone usage characteristics based on massive network traffic, J. China Univ. Posts Telecommun., 23 (2016), 70–75. https://doi.org/10.1016/S1005-8885(16)60035-3 doi: 10.1016/S1005-8885(16)60035-3 |
[80] | Y. Li, J. Yang, N. Ansari, Cellular smartphone traffic and user behavior analysis, in 2014 IEEE International Conference on Communications (ICC), (2014), 1326–1331. https://doi.org/10.1109/ICC.2014.6883505 |
[81] | M. Z. Shafiq, L. Ji, A. X. Liu, J. Wang, Characterizing and modeling internet traffic dynamics of cellular devices, in Proceedings of the ACM SIGMETRICS Joint International Conference on Measurement and Modeling of Computer Systems, (2011), 305–316. https://doi.org/10.1145/2007116.2007148 |
[82] | Q. Xu, J. Erman, A. Gerber, Z. Mao, J. Pang, S. Venkataraman, Identifying diverse usage behaviors of smartphone apps, in Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, (2011), 329–344. https://doi.org/10.1145/2068816.2068847 |
[83] | F. T. Vincent, R. Spolaor, M. Conti, I. Martinovic, Appscanner: automatic fingerprinting of smartphone apps from encrypted network traffic, in 2016 IEEE European Symposium on Security and Privacy (EuroS & P), (2016), 439–454. https://doi.org/10.1109/EuroSP.2016.40 |
[84] | M. Shen, J. Zhang, L. Zhu, K. Xu, X. Du, Y. Liu, Encrypted traffic classification of decentralized applications on ethereum using feature fusion, in 2019 IEEE/ACM 27th International Symposium on Quality of Service (IWQoS), (2019), 1–10. https://doi.org/10.1145/3326285.3329053 |
[85] | G. Aceto, D. Ciuonzo, A. Montieri, A. Pescape, MIMETIC: mobile encrypted traffic classification using multimodal deep learning, Comput. Networks, 165 (2019), 106944. https://doi.org/10.1016/j.comnet.2019.106944 doi: 10.1016/j.comnet.2019.106944 |
[86] | G. Aceto, D. Ciuonzo, A. Montieri, A. Pescape, Multi-classification approaches for classifying mobile app traffic, J. Network Comput. Appl., 103 (2018), 131–145. https://doi.org/10.1016/j.jnca.2017.11.007 doi: 10.1016/j.jnca.2017.11.007 |
[87] | G. Xie, Q. Li, Y. Jiang, D. Tao, G. Shen, R. Li, et al., SAM: self-attention based deep learning method for online traffic classification, in Proceedings of the Workshop on Network Meets AI & ML, (2020), 14–20. https://doi.org/10.1145/3405671.3405811 |
[88] | C. Liu, L. He, G. Xiong, Z. Cao, Z. Li, Fs-net: a flow sequence network for encrypted traffic classification, in IEEE INFOCOM 2019-IEEE Conference on Computer Communications, (2019), 1171–1179. https://doi.org/10.1109/INFOCOM.2019.8737507 |
[89] | M. Lopez-Martin, B. Carro, A. Sanchez-Esguevillas, J. Lloret, Network traffic classifier with convolutional and recurrent neural networks for internet of things, IEEE Access, 5 (2017), 18042–18050. https://doi.org/10.1109/ACCESS.2017.2747560 doi: 10.1109/ACCESS.2017.2747560 |
[90] | T. Shapira, Y. Shavitt, Flowpic: encrypted internet traffic classification is as easy as image recognition, in IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), (2019), 680–687. https://doi.org/10.1109/INFCOMW.2019.8845315 |
[91] | F-SECURE, Threat Description Bluetooth-Worm: SymbOS/Cabir, 2021. Available from: https://www.f-secure.com/v-descs/cabir.shtml. |
[92] | F-SECURE, Mobile Threat Report Q4 2011, 2021. Available from: https://www.f-secure.com/documents/996508/1030743/mobile_threat_report_q4_2011.pdf. |
[93] | F-SECURE, Threat Description Bluetooth-Worm: SymbOS/Cabir, 2021. Available from: https://www.f-secure.com/v-descs/worm_iphoneos_ikee.shtml. |
[94] | GDATASECURITYLAB, FakePlayer, 2021. Available from: https://www.gdata.at/securitylabs/mobile/mobile-malware/. |
[95] | F-SECURE, Mobile Threat Report 2012–2014, 2021. Available from: https://www.f-secure.com/en/web/labs_global/whitepapers. |
[96] | APPTHORITY, Mobile Threat Report, 2021. Available from: http://info.appthority.com/hubfs/website-LEARN-content/Appthority-Mobile-Threat-Report-Q12015.pdf. |
[97] | S. C. Peng, A survey on malware containment models in smartphones, Appl. Mech. Mater., 263 (2013), 3005–3011. https://doi.org/10.4028/www.scientific.net/AMM.263-266.3005 doi: 10.4028/www.scientific.net/AMM.263-266.3005 |
[98] | S. PENG, S. Yu, A. Yang, Smartphone malware and its propagation modeling: a survey, Commun. Surv. Tutorials, 16 (2014), 925–941. https://doi.org/10.1109/SURV.2013.070813.00214 doi: 10.1109/SURV.2013.070813.00214 |
[99] | G. Suarez-Tangil, J. E. Tapiador, P. Peris-Lopez, A. Ribagorda, Evolution, detection and analysis of malware for smart devices, Commun. Surv. Tutorials, 16 (2014), 961–987. https://doi.org/10.1109/SURV.2013.101613.00077 doi: 10.1109/SURV.2013.101613.00077 |
[100] | Y. Zhou, X. Jiang, Dissecting android malware: characterization and evolution, in 2012 IEEE Symposium on Security and Privacy, (2012), 95–109. https://doi.org10.1109/SP.2012.16 |
[101] | Y. Liu, L. Zhang, J. Liang, S. Qu, Z. Ni, Detecting trojan horses based on system behavior using machine learning method, in 2010 International Conference on Machine Learning and Cybernetics, (2010), 855–860. https://doi.org/10.1109/ICMLC.2010.5580591 |
[102] | V. K. Gudipati, A. Vetwal, V. Kumar, A. Adeniyi, A. Abuzneid, Detection of trojan horses by the analysis of system behavior and data packets, in 2015 Long Island Systems, Applications and Technology, (2015), 1–4. https://doi.org/10.1109/LISAT.2015.7160176 |
[103] | J. Nazario, T. Holz, As the net churns: fast-flux botnet observations, in 2008 3rd International Conference on Malicious and Unwanted Software (MALWARE), (2008), 24–31. https://doi.org/10.1109/MALWARE.2008.4690854 |
[104] | W. Yu, X. Wang, P. Calyam, D. Xuan, W. Zhao, Modeling and detection of camouflaging worm, IEEE Trans. Dependable Secure Comput., 8 (2011), 377–390. https://doi.org/10.1109/TDSC.2010.13 doi: 10.1109/TDSC.2010.13 |
[105] | NSFOCUS Information Technology Co. Ltd., XcodeGhost automatically Checking, 2015. Available from: https://cloud.nsfocus.com/#/krosa/views/initcdr/secalertindex. |
[106] | PANGU JAILBREAK, Statistical Report for XcodeGhost Virus, 2015. Available from: http://x.pangu.io/. |
[107] | A. Shabtai, U. Kanonov, Y. Elovici, C. Glezer, Y. Weiss, "Andromaly": a behavioral malware detection framework for android devices, J. Intell. Inf. Syst., 38 (2012), 161–190. https://doi.org/10.1007/s10844-010-0148-x doi: 10.1007/s10844-010-0148-x |
[108] | Y. Cao, R. Ji, L. Ji, X. Shao, G. Lei, H. Wang, MPTCP-meLearning: a multi-expert learning-based MPTCP extension to enhance multipathing robustness against network attacks, IEICE Trans. Inf. Syst., E104-D (2021). https://doi.org/10.1587/transinf.2021NGP0009 doi: 10.1587/transinf.2021NGP0009 |
[109] | F. Song, L. Li, I. You, H. Zhang, Enabling heterogeneous deterministic networks with smart collaborative theory, IEEE Network, 35 (2021), 64–71. https://doi.org/10.1109/MNET.011.2000613 doi: 10.1109/MNET.011.2000613 |
[110] | F. Song, Z. Ai, H. Zhang, I. You, S. Li, Smart collaborative balancing for dependable network components in cyber-physical systems, IEEE Trans. Ind. Inf., 17 (2021), 6916–6924. https://doi.org/10.1109/TII.2020.3029766 doi: 10.1109/TII.2020.3029766 |
[111] | C. J. Wright, Towards Real Time Characterization of Grain Growth from the Melt, Columbia University, 2020. |
[112] | G. Aceto, D. Ciuonzo, A. Montieri, A. Pescape, DISTILLER: encrypted traffic classification via multimodal multitask deep learning, J. Network Comput. Appl., 183 (2021), 102985. https://doi.org/10.1016/j.jnca.2021.102985 doi: 10.1016/j.jnca.2021.102985 |
[113] | Z. Bu, B. Zhou, P. Cheng, K. Zhang, Z. Ling, Encrypted network traffic classification using deep and parallel network-in-network models, IEEE Access, 8 (2020), 132950–132959. https://doi.org/10.1109/ACCESS.2020.3010637 doi: 10.1109/ACCESS.2020.3010637 |
[114] | G. Bovenzi, L. Yang, A. Finamore, A first look at class Incremental Learning in Deep Learning Mobile Traffic Classification, preprint, arXiv: 2107.04464. |
[115] | F. Song, M. Zhu, Y. Zhou, I. You, H. Zhang, Smart collaborative tracking for ubiquitous power IoT in edge-cloud interplay domain, IEEE Internet Things J., 7 (2020), 6046–6055. https://doi.org/10.1109/JIOT.2019.2958097 doi: 10.1109/JIOT.2019.2958097 |
[116] | F. Song, Z. Ai, Y. Zhou, I. You, R. Choo, H. Zhang, Smart collaborative automation for receive buffer control in multipath industrial networks, IEEE Trans. Ind. Inf., 16 (2020), 1385–1394. https://doi.org/10.1109/TII.2019.2950109 doi: 10.1109/TII.2019.2950109 |