The increasing volume of encrypted proxy traffic introduces substantial obstacles for network security, notably in accurately recognizing and categorizing diverse proxy protocol flows. We propose a new approach for proxy traffic classification, called AGMF. Our method extracts diverse features from proxy traffic, focusing on three main types: statistical features, byte sequence features, and graph-based features. Specifically, we extract statistical features from each flow. Concurrently, we generate a matrix representing the byte sequences of each flow and leverage a Bidirectional Long Short-Term Memory (Bi-LSTM) network to extract temporal features. For the graph-based features, we construct a graph representation for each network flow and employ a Graph Convolutional Network (GCN) to capture the structural dependencies. These extracted features are then fused using the Cross-Attention mechanism, which allows for dynamic weighting of different feature views to enhance the overall classification performance. The results of our experiments confirm the capability of the proposed approach in accurately classifying various proxy traffic types, with 97.02% accuracy and 96.46% macro-F1 score, outperforming prior methods. This work contributes to the development of more robust and accurate traffic classification models for encrypted proxy traffic, providing valuable insights for future research in network security.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Attention-Guided Multi-view Feature Fusion for Proxy Traffic Classification

  • Xu Tang,
  • Jun Tao,
  • Yuantu Luo

摘要

The increasing volume of encrypted proxy traffic introduces substantial obstacles for network security, notably in accurately recognizing and categorizing diverse proxy protocol flows. We propose a new approach for proxy traffic classification, called AGMF. Our method extracts diverse features from proxy traffic, focusing on three main types: statistical features, byte sequence features, and graph-based features. Specifically, we extract statistical features from each flow. Concurrently, we generate a matrix representing the byte sequences of each flow and leverage a Bidirectional Long Short-Term Memory (Bi-LSTM) network to extract temporal features. For the graph-based features, we construct a graph representation for each network flow and employ a Graph Convolutional Network (GCN) to capture the structural dependencies. These extracted features are then fused using the Cross-Attention mechanism, which allows for dynamic weighting of different feature views to enhance the overall classification performance. The results of our experiments confirm the capability of the proposed approach in accurately classifying various proxy traffic types, with 97.02% accuracy and 96.46% macro-F1 score, outperforming prior methods. This work contributes to the development of more robust and accurate traffic classification models for encrypted proxy traffic, providing valuable insights for future research in network security.