Journal of Cloud Computing: Advances, Systems and Applications (Apr 2023)

Identification of encrypted and malicious network traffic based on one-dimensional convolutional neural network

  • Yan Zhou,
  • Huiling Shi,
  • Yanling Zhao,
  • Wei Ding,
  • Jing Han,
  • Hongyang Sun,
  • Xianheng Zhang,
  • Chang Tang,
  • Wei Zhang

DOI
https://doi.org/10.1186/s13677-023-00430-w
Journal volume & issue
Vol. 12, no. 1
pp. 1 – 10

Abstract

The rapid advancement of the Internet has brought an exponential growth in network traffic. At present, devices deployed at edge nodes process huge amounts of data, extract key features of network traffic and then forward them to the cloud server/data center. However, since the efficiency of mobile terminal devices in identifying and classifying encrypted and malicious traffic lags behind, how to identify network traffic more efficiently and accurately remains a challenging problem. We design a convolutional neural network model: One-dimensional convolutional neural network with hexadecimal data (HexCNN-1D) that combines normalized processing and attention mechanisms. By adding the attention mechanism modules Global Attention Block (GAB) and Category Attention Block (CAB), network traffic is classified and identified. By extracting effective load information from hexadecimal network traffic, our model can identify most categories of network traffic including encrypted and malicious traffic data. The experimental results show that the average accuracy is 98.8%. Our model can greatly improve the accuracy of network traffic data recognition.

Keywords