nnDPI: A Novel Deep Packet Inspection Technique Using Word Embedding, Convolutional and Recurrent Neural Networks

Traffic Characterization, Application Identification, Per Application Classification, and VPN/Non-VPN Traffic Characterization have been some of the most notable research topics over the past few years. Deep Packet Inspection (DPI) promises an increase in Quality of Service (QoS) for Internet Service Providers (ISPs), simplifies network management and plays a vital role in content censoring. DPI has been used to help ease the flow of network traffic. For instance, if there is a high priority message, DPI could be used to enable high-priority information to pass through immediately, ahead of other lower priority messages. It can be used to prioritize packets that are mission-critical, ahead of ordinary browsing packets. Throttling or slowing down the rate of data transfer can be achieved using DPI for certain traffic types like peer-to-peer downloads. It can also be used to enhance the capabilities of ISPs to prevent the exploitation of Internet of Things (IoT) devices in Distributed Denial-Of-Service (DDOS) attacks by blocking malicious requests from devices. In this paper, we introduce a novel architecture for DPI using neural networks utilizing layers of word embedding, convolutional neural networks and bidirectional recurrent neural networks which proved to have promising results in this task. The proposed architecture introduces a new mix of layers which outperforms the proposed approaches before.

[1]  Ali A. Ghorbani,et al.  Characterization of Encrypted and VPN Traffic using Time-related Features , 2016, ICISSP.

[2]  M. Amaç Güvensan,et al.  Application identification via network traffic classification , 2017, 2017 International Conference on Computing, Networking and Communications (ICNC).

[3]  Antonio Pescapè,et al.  Issues and future directions in traffic classification , 2012, IEEE Network.

[4]  Baohua Yang,et al.  Packet Classification Algorithms: From Theory to Practice , 2009, IEEE INFOCOM 2009.

[5]  Mahdi Jafari Siavoshani,et al.  Deep packet: a novel approach for encrypted traffic classification using deep learning , 2017, Soft Computing.

[6]  Pavel Celeda,et al.  A survey of methods for encrypted traffic classification and analysis , 2015, Int. J. Netw. Manag..

[7]  Eduardo Rocha,et al.  A Survey of Payload-Based Traffic Classification Approaches , 2014, IEEE Communications Surveys & Tutorials.

[8]  Ming Zhu,et al.  End-to-end encrypted traffic classification with one-dimensional convolution neural networks , 2017, 2017 IEEE International Conference on Intelligence and Security Informatics (ISI).

[9]  Kuldip K. Paliwal,et al.  Bidirectional recurrent neural networks , 1997, IEEE Trans. Signal Process..

[10]  Chencheng Ma,et al.  Improved KNN Algorithm for Fine-Grained Classification of Encrypted Network Flow , 2020, Electronics.