Go to OpenReview Public Article DBLP homepageSCENE: Shape-based Clustering for Enhanced Noise-resilient Encrypted Traffic Classification
Abstract: Network traffic classification is critical in network management, quality of service optimization, and security monitoring. However, most existing methods for encrypted traffic classification rely heavily on supervised learning, requiring large amounts of labeled data, and struggle to perform effectively in complex and dynamic network environments. To address these limitations, we propose a novel unsupervised method for encrypted traffic classification, which analyzes byte rate variations to capture traffic behavior patterns. Our approach does not require prior knowledge or large volumes of labeled data, enabling adaptive processing of encrypted traffic in complex network conditions. Specifically, we introduce a noise-resilient shape-line extraction method that preserves core behavioral characteristics of traffic; we design a multidimensional feature extraction strategy that analyzes both uplink and downlink features; and we propose an unsupervised classification algorithm that combines shape-based density clustering with a feature assignment strategy. This algorithm overcomes the limitations of traditional methods, such as the need for predefined cluster numbers, and can classify unknown traffic patterns. We validate our method on five real-world traffic datasets with differing levels of openness, demonstrating its remarkable robustness and accuracy in encrypted traffic classification tasks, thereby greatly enhancing the precision and stability of service classification.
External IDs:dblp:conf/trustcom/DuHLL024
Loading