Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42% compared to the SOTA method.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning

  • Jinhe Wu,
  • Chenchen Ren,
  • Wei Wang,
  • Endong Tong,
  • Wei Liang,
  • Zuobin Ying,
  • Meng Shen,
  • Liehuang Zhu

摘要

Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42% compared to the SOTA method.