The increasing prevalence of encrypted traffic in modern networks presents significant challenges for network security, particularly in detecting and classifying malicious activities and automating application signature identification. To address this, deep learning has emerged as a promising solution due to its ability to learn complex data patterns. In this work, we propose a novel deep learning-based framework for Encrypted Traffic Analysis (ETA) that automates the identification and classification of application signatures. Our framework integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks to enhance network security. LSTM effectively captures long-term dependencies in sequential data, enabling the detection of anomalies and prediction of future packets, while BERT provides a deeper contextual understanding of traffic flow. This automation-driven ETA approach ensures the accurate and efficient classification of encrypted traffic signatures, facilitating real-time threat detection. The proposed model is evaluated using publicly available datasets ISCXVPN2016 and CSTNET, outperforming existing approaches with an accuracy (AC) of 99.65%, precision (PR) of 99.53%, and recall (RC) of 99.28%. By automating the extraction and classification of Over-the-Top (OTT) application signatures, our framework enhances network monitoring and security while preserving data integrity.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Framework for Automation of Signatures Using Encrypted Traffic Analysis and Machine Learning

  • Aamina Hassan,
  • Ahmed Iftikhar Baig,
  • Abdul Rauf,
  • Haider Abbas,
  • Sadaf Rubab

摘要

The increasing prevalence of encrypted traffic in modern networks presents significant challenges for network security, particularly in detecting and classifying malicious activities and automating application signature identification. To address this, deep learning has emerged as a promising solution due to its ability to learn complex data patterns. In this work, we propose a novel deep learning-based framework for Encrypted Traffic Analysis (ETA) that automates the identification and classification of application signatures. Our framework integrates Bidirectional Encoder Representations from Transformers (BERT) and Long Short-Term Memory (LSTM) networks to enhance network security. LSTM effectively captures long-term dependencies in sequential data, enabling the detection of anomalies and prediction of future packets, while BERT provides a deeper contextual understanding of traffic flow. This automation-driven ETA approach ensures the accurate and efficient classification of encrypted traffic signatures, facilitating real-time threat detection. The proposed model is evaluated using publicly available datasets ISCXVPN2016 and CSTNET, outperforming existing approaches with an accuracy (AC) of 99.65%, precision (PR) of 99.53%, and recall (RC) of 99.28%. By automating the extraction and classification of Over-the-Top (OTT) application signatures, our framework enhances network monitoring and security while preserving data integrity.