TEST: an End-to-End Network Traffic Examination and Identification Framework Based on Spatio-Temporal Features Extraction
This work addresses the challenge of accurate network traffic identification for applications such as quality of experience, bandwidth allocation, and intrusion detection systems, representing a strong specific gain in this domain.
The paper tackles the problem of identifying encrypted network traffic by proposing an end-to-end deep learning framework called TEST, which combines CNN and LSTM to automatically extract spatio-temporal features, achieving a state-of-the-art accuracy of 99.98% on tasks like encrypted traffic classification and intrusion detection.
With more encrypted network traffic gets involved in the Internet, how to effectively identify network traffic has become a top priority in the field. Accurate identification of the network traffic is the footstone of basic network services, say QoE, bandwidth allocation, and IDS. Previous identification methods either cannot deal with encrypted traffics or require experts to select tons of features to attain a relatively decent accuracy.In this paper, we present a Deep Learning based end-to-end network traffic identification framework, termed TEST, to avoid the aforementioned problems. CNN and LSTM are combined and implemented to help the machine automatically extract features from both special and time-related features of the raw traffic. The presented framework has two layers of structure, which made it possible to attain a remarkable accuracy on both encrypted traffic classification and intrusion detection tasks. The experimental results demonstrate that our model can outperform previous methods with a state-of-the-art accuracy of 99.98%.