TY - JOUR
T1 - CAPC
T2 - Packet-Based Network Service Classifier with Convolutional Autoencoder
AU - Chiu, Kai Cheng
AU - Liu, Chien Chang
AU - Chou, Li Der
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2020
Y1 - 2020
N2 - The Internet has been evolving from a traditional mechanism to a modern service-oriented architecture, such as quality-of-service (QoS) policies, to meet users' various requirements for high service quality. An instant and effective network traffic classification method is indispensable to identify network services to enforce QoS policies on the corresponding service. Network managers can easily flexibly deploy traffic classification modules and configure the network policies with the help of the emerging software-defined networking. However, most existing traffic classification solutions, such as port-based methods or deep packet inspection, cannot handle real-time and encrypted traffic classification. In this research, a Convolutional Autoencoder Packet Classifier (CAPC) has been proposed to immediately classify incoming packets in fine-grained and coarse-grained manners, that is, classifying a service to a single application and a rough genre, respectively. The CAPC is a packet-based deep learning model consisting of a 1D convolutional neural network and an autoencoder, which can handle dynamic-port and encrypted traffic and even cluster similar applications. This classifier is verified on not only the private self-captured traffic but also a public VPN dataset to demonstrate its performance. Moreover, the CAPC classifies different types of service traffic with an accuracy of over 99.9% on the private dataset of 16 services and over 97% on the public dataset of 24 services, thereby outperforming other deep learning classifiers. Experimental results also show other performance metrics, including stability, average precision, and recall and the highest F1-score values of 15 and 18 services on the private and public datasets, respectively.
AB - The Internet has been evolving from a traditional mechanism to a modern service-oriented architecture, such as quality-of-service (QoS) policies, to meet users' various requirements for high service quality. An instant and effective network traffic classification method is indispensable to identify network services to enforce QoS policies on the corresponding service. Network managers can easily flexibly deploy traffic classification modules and configure the network policies with the help of the emerging software-defined networking. However, most existing traffic classification solutions, such as port-based methods or deep packet inspection, cannot handle real-time and encrypted traffic classification. In this research, a Convolutional Autoencoder Packet Classifier (CAPC) has been proposed to immediately classify incoming packets in fine-grained and coarse-grained manners, that is, classifying a service to a single application and a rough genre, respectively. The CAPC is a packet-based deep learning model consisting of a 1D convolutional neural network and an autoencoder, which can handle dynamic-port and encrypted traffic and even cluster similar applications. This classifier is verified on not only the private self-captured traffic but also a public VPN dataset to demonstrate its performance. Moreover, the CAPC classifies different types of service traffic with an accuracy of over 99.9% on the private dataset of 16 services and over 97% on the public dataset of 24 services, thereby outperforming other deep learning classifiers. Experimental results also show other performance metrics, including stability, average precision, and recall and the highest F1-score values of 15 and 18 services on the private and public datasets, respectively.
KW - Autoencoder
KW - deep learning
KW - one-dimensional convolutional neural network
KW - packet-based traffic classification
UR - http://www.scopus.com/inward/record.url?scp=85097421593&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2020.3041806
DO - 10.1109/ACCESS.2020.3041806
M3 - 期刊論文
AN - SCOPUS:85097421593
SN - 2169-3536
VL - 8
SP - 218081
EP - 218094
JO - IEEE Access
JF - IEEE Access
M1 - 9274356
ER -