Using CNN-based Representation Learning Method for Malicious Traffic Identification

Malicious traffic identification plays an important role in network security. This paper first introduces the defects of several traffic identification methods. Motivated by several successful applications of representation learning in the field of network security, it then proposes a method based on representation learning to identify raw traffic data. The method represents raw flow data as an image and uses a convolutional neural network for classification and identification, so it does not require manual selection and extraction of features. The segmented raw flow can be used directly as input data for the flow identification system. Experimental results show that this method has high availability and high accuracy in malicious traffic identification.
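The preprocessing step the abstract describes (segment raw traffic into flows, then present each flow as an image) can be sketched as follows. This is an added example, not the paper's code: the 28x28 image size, the direction-independent 5-tuple grouping, the zero-padding, and the packet dictionary layout are all assumptions, and the CNN classifier itself is omitted.

```python
from collections import OrderedDict

IMG_SIDE = 28  # assumption: the abstract does not state an image size

def flow_key(pkt):
    """Direction-independent 5-tuple, so both halves of a conversation share one flow."""
    a = (pkt["src"], pkt["sport"])
    b = (pkt["dst"], pkt["dport"])
    return (pkt["proto"],) + (a + b if a <= b else b + a)

def segment_flows(packets):
    """Group raw payload bytes by flow, preserving capture order."""
    flows = OrderedDict()
    for pkt in packets:
        flows.setdefault(flow_key(pkt), bytearray()).extend(pkt["payload"])
    return flows

def flow_to_image(raw, side=IMG_SIDE):
    """Truncate or zero-pad the flow to side*side bytes, then reshape it into
    a 2-D grayscale grid with pixel values scaled to [0, 1]."""
    n = side * side
    fixed = bytes(raw[:n]).ljust(n, b"\x00")
    return [[fixed[r * side + c] / 255.0 for c in range(side)]
            for r in range(side)]

def build_dataset(packets):
    """Map each flow key to the image a CNN would take as input."""
    return {k: flow_to_image(v) for k, v in segment_flows(packets).items()}

# Constructed sample packets (not real capture data).
PACKETS = [
    {"src": "10.0.0.5", "sport": 49152, "dst": "192.0.2.10", "dport": 80,
     "proto": "tcp", "payload": b"GET / HTTP/1.1\r\n"},
    {"src": "192.0.2.10", "sport": 80, "dst": "10.0.0.5", "dport": 49152,
     "proto": "tcp", "payload": b"HTTP/1.1 200 OK\r\n"},
    {"src": "10.0.0.5", "sport": 53000, "dst": "192.0.2.53", "dport": 53,
     "proto": "udp", "payload": b"\xff" * 1000},
]

if __name__ == "__main__":
    for key, img in build_dataset(PACKETS).items():
        print(key, f"{len(img)}x{len(img[0])}", "first pixel", round(img[0][0], 3))
```

No hand-picked features appear anywhere in this pipeline: the classifier sees only the fixed-size byte grid, which is the point the abstract makes about avoiding manual feature selection.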
