Entropy Estimation for Real-Time Encrypted Traffic Identification (Short Paper)

被引:0
|
作者
Dorfinger, Peter [1 ]
Panholzer, Georg [1 ]
John, Wolfgang [2 ]
机构
[1] Salzburg Res, Salzburg, Austria
[2] Chalmers Univ Technol, Gothenburg, Sweden
来源
TRAFFIC MONITORING AND ANALYSIS: THIRD INTERNATIONAL WORKSHOP, TMA 2011 | 2011年 / 6613卷
关键词
entropy estimation; real-time detection; traffic filtering;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper describes a novel approach to classify network traffic into encrypted and unencrypted traffic. The classifier is able to operate in real-time as only the first packet of each flow is processed. The main metric used for classification is an estimation of the entropy of the first packet payload. The approach is evaluated based on encrypted ground truth traces and on real network traces. Encrypted traffic such as Skype, or encrypted eDonkey traffic are detected as encrypted with probability higher than 94%. Unencrypted protocols such as SMTP, HTTP, POP3 or FTP are detected as unencrypted with probability higher than 99.9%. The presented approach, named real-time encrypted traffic detector (RT-ETD), is well suited to operate as pre-filter for advanced classification approaches to enable their applicability on increased bandwidth.
引用
收藏
页码:164 / +
页数:2
相关论文
共 50 条
  • [1] Towards Real-time Processing for Application Identification of Encrypted Traffic
    Kumano, Yuichi
    Ata, Shingo
    Nakamura, Nobuyuki
    Nakahira, Yoshihiro
    Oka, Ikuo
    [J]. 2014 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC), 2014, : 136 - 140
  • [2] Behavior-Based Method for Real-Time Identification of Encrypted Proxy Traffic
    Luo, Ping
    Wang, Fei
    Chen, Shuhui
    Li, Zhenxing
    [J]. 2021 13TH INTERNATIONAL CONFERENCE ON COMMUNICATION SOFTWARE AND NETWORKS (ICCSN 2021), 2021, : 289 - 295
  • [3] Deep learning-based real-time VPN encrypted traffic identification methods
    Lulu Guo
    Qianqiong Wu
    Shengli Liu
    Ming Duan
    Huijie Li
    Jianwen Sun
    [J]. Journal of Real-Time Image Processing, 2020, 17 : 103 - 114
  • [4] Deep learning-based real-time VPN encrypted traffic identification methods
    Guo, Lulu
    Wu, Qianqiong
    Liu, Shengli
    Duan, Ming
    Li, Huijie
    Sun, Jianwen
    [J]. JOURNAL OF REAL-TIME IMAGE PROCESSING, 2020, 17 (01) : 103 - 114
  • [5] Real-time Application Identification of RTC Media Streams via Encrypted Traffic Analysis
    Wu, Hua
    Zhu, Chengfei
    Cheng, Guang
    Hu, Xiaoyan
    [J]. 2022 31ST INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS AND NETWORKS (ICCCN 2022), 2022,
  • [6] Requet: Real-Time QoE Detection for Encrypted YouTube Traffic
    Gutterman, Craig
    Guo, Katherine
    Arora, Sarthak
    Wang, Xiaoyang
    Wu, Les
    Katz-Bassett, Ethan
    Zussman, Gil
    [J]. PROCEEDINGS OF THE 10TH ACM MULTIMEDIA SYSTEMS CONFERENCE (ACM MMSYS'19), 2019, : 48 - 59
  • [7] Real-time Traffic Classification in Encrypted Wireless Communication Network
    Chen, Yongming
    Tong, Yuzhou
    Hwee, Gwee Bah
    Cao, Qi
    Razul, Sirajudeen Gulam
    Lin, Zhiping
    [J]. 2023 IEEE INTERNATIONAL SYMPOSIUM ON CIRCUITS AND SYSTEMS, ISCAS, 2023,
  • [8] Real-Time Encrypted Traffic Classification via Lightweight Neural Networks
    Cheng, Jin
    He, Runkang
    Yuepeng, E.
    Wu, Yulei
    You, Junling
    Li, Tong
    [J]. 2020 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2020,
  • [9] Requet: Real-Time QoE Metric Detection for Encrypted YouTube Traffic
    Gutterman, Craig
    Guo, Katherine
    Arora, Sarthak
    Gilliland, Trey
    Wang, Xiaoyang
    Wu, Les
    Katz-Bassett, Ethan
    Zussman, Gil
    [J]. ACM TRANSACTIONS ON MULTIMEDIA COMPUTING COMMUNICATIONS AND APPLICATIONS, 2020, 16 (02)
  • [10] Acceleration of Feature Extraction for Real-Time Analysis of Encrypted Network Traffic
    Vrana, Roman
    Korenek, Jan
    Novak, David
    [J]. 2019 IEEE 22ND INTERNATIONAL SYMPOSIUM ON DESIGN AND DIAGNOSTICS OF ELECTRONIC CIRCUITS & SYSTEMS (DDECS), 2019,
12345