Semi-Supervised Encrypted Malicious Traffic Detection Based on Multimodal Traffic Characteristics

Authors
Liu, Ming [1]
Yang, Qichao [1]
Wang, Wenqing [1]
Liu, Shengli [1]
Affiliation
[1] Information Engineering University, Zhengzhou, 450001, China
Abstract
The exponential growth of encrypted network traffic poses significant challenges for detecting malicious activities online. The scale of emerging malicious traffic is significantly smaller than that of normal traffic, and the imbalanced data distribution poses challenges for detection. However, most existing methods rely on single-category features for classification, which struggle to detect covert malicious traffic behaviors. In this paper, we introduce a novel semi-supervised approach to identify malicious traffic by leveraging multimodal traffic characteristics. By integrating the sequence and topological information inherent in the traffic, we achieve a multifaceted representation of encrypted traffic. We design two independent neural networks to learn the corresponding sequence and topological features from the traffic. This dual-feature extraction enhances the model's robustness in detecting anomalies within encrypted traffic. The model is trained using a joint strategy that minimizes both the reconstruction error from the autoencoder and the classification loss, allowing it to effectively utilize limited labeled data alongside a large amount of unlabeled data. A confidence-estimation module enhances the classifier's ability to detect unknown attacks. Finally, our method is evaluated on two benchmark datasets, UNSW-NB15 and CICIDS2017, under various scenarios, including different training set label ratios and the presence of unknown attacks. Our model outperforms other models by 3.49% and 5.69% in F1 score at labeling rates of 1% and 0.1%, respectively. © 2024 by the authors.
DOI
10.3390/s24206507
Related papers
50 in total
  • [1] SFMD: A Semi-Supervised Federated Malicious Traffic Detection Approach in IoT
    Wang, Wenyue
    Wang, Shanshan
    Bai, Daokuan
    Zhao, Chuan
    Peng, Lizhi
    Chen, Zhenxiang
    [J]. 2022 IEEE INTL CONF ON PARALLEL & DISTRIBUTED PROCESSING WITH APPLICATIONS, BIG DATA & CLOUD COMPUTING, SUSTAINABLE COMPUTING & COMMUNICATIONS, SOCIAL COMPUTING & NETWORKING, ISPA/BDCLOUD/SOCIALCOM/SUSTAINCOM, 2022, : 774 - 781
  • [2] A Payload Based Malicious HTTP Traffic Detection Method Using Transfer Semi-Supervised Learning
    Chen, Tieming
    Chen, Yunpeng
    Lv, Mingqi
    He, Gongxun
    Zhu, Tiantian
    Wang, Ting
    Weng, Zhengqiu
    [J]. APPLIED SCIENCES-BASEL, 2021, 11 (16):
  • [3] A Semi-Supervised Anomaly Network Traffic Detection Framework via Multimodal Traffic Information Fusion
    Zheng, Yu
    Lian, Xinglin
    Dang, Zhangxuan
    Peng, Chunlei
    Yang, Chao
    Ma, Jianfeng
    [J]. PROCEEDINGS OF THE 32ND ACM INTERNATIONAL CONFERENCE ON INFORMATION AND KNOWLEDGE MANAGEMENT, CIKM 2023, 2023, : 4455 - 4459
  • [4] MT-CNN: A Classification Method of Encrypted Traffic Based on Semi-Supervised Learning
    Shi, KaiChao
    Zeng, Yong
    Ma, Baihe
    Liu, Zhihong
    Ma, Jianfeng
    [J]. IEEE CONFERENCE ON GLOBAL COMMUNICATIONS, GLOBECOM, 2023, : 7538 - 7543
  • [5] Detecting While Accessing: A Semi-Supervised Learning-Based Approach for Malicious Traffic Detection in Internet of Things
    Luo, Yantian
    Sun, Hancun
    Chen, Xu
    Ge, Ning
    Feng, Wei
    Lu, Jianhua
    [J]. CHINA COMMUNICATIONS, 2023, 20 (04) : 302 - 314
  • [6] Semi-supervised Malicious Traffic Detection with Improved Wasserstein Generative Adversarial Network with Gradient Penalty
    Wang, Jiafeng
    Liu, Ming
    Yin, Xiaokang
    Zhao, Yuhao
    Liu, Shengli
    [J]. 2022 IEEE 6TH ADVANCED INFORMATION TECHNOLOGY, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (IAEAC), 2022, : 1916 - 1922
  • [7] Detecting While Accessing: A Semi-Supervised Learning-Based Approach for Malicious Traffic Detection in Internet of Things
    Yantian Luo
    Hancun Sun
    Xu Chen
    Ning Ge
    Wei Feng
    Jianhua Lu
    [J]. China Communications, 2023, 20 (04) : 302 - 314
  • [8] A SEMI-SUPERVISED MODEL FOR NETWORK TRAFFIC ANOMALY DETECTION
    Nguyen Ha Duong
    Hoang Dang Hai
    [J]. 2015 17TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT), 2015, : 70 - 75
  • [9] Semi-supervised lane detection for continuous traffic scenes
    Deng, Liwei
    Cao, He
    Dong, Qingbo
    Jiang, Yanshu
    [J]. TRAFFIC INJURY PREVENTION, 2023, 24 (06) : 452 - 457
  • [10] Trojan Traffic Detection Method Based on Semi-Supervised Deep Learning
    Gu Y.
    Huang B.
    Wang J.
    Tian T.
    Liu Y.
    Wu Y.
    [J]. Jisuanji Yanjiu yu Fazhan/Computer Research and Development, 2022, 59 (06) : 1329 - 1342