Name
Title | ||
|---|---|---|
Accumulated Generalized Mean Value - a New Approach to Flow-Based Feature Generation for Encrypted Traffic Characterization |
Abstract | ||
|---|---|---|
In this paper, we concentrate on encrypted traffic detection and characterization and analyze the popular ISCXVPN2016 dataset. The detection of encrypted traffic and further characterization of its content is crucial both for securing the required Quality of Service and for Network Intrusion Detection. We introduce Accumulated Generalized Mean Value (AGMV), a novel preprocessing method for flow-based features. We apply this method to features from ISCXVPN2016 dataset and compare the performance of basic Machine Learning classifiers on the preprocessed and the original datasets. Furthermore, we compare our results with those obtained in recent state-of-the-art studies. We demonstrate the proposed simple preprocessing technique dramatically improves the performance of basic classifiers e.g. Random Forest. Moreover, combination of AGMV and Random Forest outperforms the existing state-of-the-art models. AGMV can be combined with more sophisticated classifiers for performance improvement in a variety of tasks where flow-based parameters play an important role. The new dataset is published online for further analysis. The proposed method, source code and the results are available online at our GitHub repository: https://github.com/AleksandrIvchenko/agm. |
Year | DOI | Venue |
|---|---|---|
2021 | 10.1109/CCWC51732.2021.9376132 | 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC) |
Keywords | DocType | ISBN |
traffic classification,encrypted traffic characterization,VPN,machine learning,automatic feature extraction,statistics | Conference | 978-1-6654-3058-6 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| r nigmatullin | 1 | 3 | 2.44 |
| Alexander Ivchenko | 2 | 0 | 0.34 |
| Semyon Dorokhin | 3 | 0 | 0.34 |