Deep Encrypted Traffic Detection: An Anomaly Detection Framework for Encryption Traffic Based on Parallel Automatic Feature Extraction
With an increasing number of network attacks using encrypted communication, the anomaly detection of encryption traffic is of great importance to ensure reliable network operation. However, the existing feature extraction methods for encrypted traffic anomaly detection have difficulties in extractin...
Main Authors: | Long, Gang, Zhang, Zhaoxin |
---|---|
Format: | Online Article Text |
Language: | English |
Published: | Hindawi 2023 |
Subjects: | |
Online Access: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10023228/ https://www.ncbi.nlm.nih.gov/pubmed/36936668 http://dx.doi.org/10.1155/2023/3316642 |
_version_ | 1784908886802694144 |
---|---|
author | Long, Gang Zhang, Zhaoxin |
author_facet | Long, Gang Zhang, Zhaoxin |
author_sort | Long, Gang |
collection | PubMed |
description | With an increasing number of network attacks using encrypted communication, the anomaly detection of encryption traffic is of great importance to ensure reliable network operation. However, the existing feature extraction methods for encrypted traffic anomaly detection have difficulties in extracting features, resulting in their low efficiency. In this paper, we propose a framework of encrypted traffic anomaly detection based on parallel automatic feature extraction, called deep encrypted traffic detection (DETD). The proposed DETD uses a parallel small-scale multilayer stack autoencoder to extract local traffic features from encrypted traffic and then adopts an L1 regularization-based feature selection algorithm to select the most representative feature set for the final encrypted traffic anomaly detection task. The experimental results show that DETD has promising robustness in feature extraction, i.e., the feature extraction efficiency of DETD is 66% higher than that of the conventional stacked autoencoder, and the anomaly detection performance is as high as 99.998%, and thus DETD outperforms the deep full-range framework and other neural network anomaly detection algorithms. |
format | Online Article Text |
id | pubmed-10023228 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | Hindawi |
record_format | MEDLINE/PubMed |
spelling | pubmed-10023228 2023-03-18 Deep Encrypted Traffic Detection: An Anomaly Detection Framework for Encryption Traffic Based on Parallel Automatic Feature Extraction Long, Gang Zhang, Zhaoxin Comput Intell Neurosci Research Article With an increasing number of network attacks using encrypted communication, the anomaly detection of encryption traffic is of great importance to ensure reliable network operation. However, the existing feature extraction methods for encrypted traffic anomaly detection have difficulties in extracting features, resulting in their low efficiency. In this paper, we propose a framework of encrypted traffic anomaly detection based on parallel automatic feature extraction, called deep encrypted traffic detection (DETD). The proposed DETD uses a parallel small-scale multilayer stack autoencoder to extract local traffic features from encrypted traffic and then adopts an L1 regularization-based feature selection algorithm to select the most representative feature set for the final encrypted traffic anomaly detection task. The experimental results show that DETD has promising robustness in feature extraction, i.e., the feature extraction efficiency of DETD is 66% higher than that of the conventional stacked autoencoder, and the anomaly detection performance is as high as 99.998%, and thus DETD outperforms the deep full-range framework and other neural network anomaly detection algorithms. Hindawi 2023-03-10 /pmc/articles/PMC10023228/ /pubmed/36936668 http://dx.doi.org/10.1155/2023/3316642 Text en Copyright © 2023 Gang Long and Zhaoxin Zhang. https://creativecommons.org/licenses/by/4.0/ This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. |
spellingShingle | Research Article Long, Gang Zhang, Zhaoxin Deep Encrypted Traffic Detection: An Anomaly Detection Framework for Encryption Traffic Based on Parallel Automatic Feature Extraction |
title | Deep Encrypted Traffic Detection: An Anomaly Detection Framework for Encryption Traffic Based on Parallel Automatic Feature Extraction |
topic | Research Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10023228/ https://www.ncbi.nlm.nih.gov/pubmed/36936668 http://dx.doi.org/10.1155/2023/3316642 |