Publication: Encrypted Traffic characterization using None Zero payload and Payload Ratio Characteristics
Issued Date
2021-01-01
Resource Type
Other identifier(s)
2-s2.0-85125166650
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
ICSEC 2021 - 25th International Computer Science and Engineering Conference. (2021), 63-69
Suggested Citation
Watchara Satrabhandhu, Suratose Tritilanunt Encrypted Traffic characterization using None Zero payload and Payload Ratio Characteristics. ICSEC 2021 - 25th International Computer Science and Engineering Conference. (2021), 63-69. doi:10.1109/ICSEC53205.2021.9684630 Retrieved from: https://repository.li.mahidol.ac.th/handle/20.500.14594/76713
Research Projects
Organizational Units
Authors
Journal Issue
Thesis
Title
Encrypted Traffic characterization using None Zero payload and Payload Ratio Characteristics
Author(s)
Other Contributor(s)
Abstract
Traffic characterization has been the backbone of network maintenance procedures, such as limiting bandwidth for specific services. However, with today's network, traditional techniques fall short. Traffic characterization using machining learning has been intensively researched to alleviate the shortcomings of traditional methods. This paper proposed a Bi-direction Flow Non-zero Payload Flow (BIF-NZPF) data extraction scheme and Bi-direction Flow Payload Ratio feature (BIF-PR) for supervised traditional machine learning. Our approach is measured on a publicly available ISCX VPN-NonVPN dataset to classify 12 types of traffic using precision, recall, and accuracy. BIF-NZPF reduced the obscurity of application characteristics by filtering out TCP configuration packets. BIF-PR further detailed traffic characteristics using payload size distribution characteristics through local and global traffic flow while being lightly coupled with the duration of traffic flow. Lastly, the ISCX-VPN-NonVPN imbalance class issue is alleviated using a boosting ensemble algorithm, which improves performance.
