Deep Learning for Encrypted Traffic Classification and Unknown Data Detection
share
Despite the widespread use of encryption techniques to provide confidentiality over Internet communications, mobile device users are still susceptible to privacy and security risks. In this paper, a new Deep Neural Network (DNN) based user activity detection framework is proposed to identify fine grained user activities performed on mobile applications (known as in-app activities) from a sniffed encrypted Internet traffic stream. One of the challenges is that there are countless applications, and it is practically impossible to collect and train a DNN model using all possible data from them. Therefore, in this work we exploit the probability distribution of DNN output layer to filter the data from applications that are not considered during the model training (i.e., unknown data). The proposed framework uses a time window based approach to divide the traffic flow of an activity into segments, so that in-app activities can be identified just by observing only a fraction of the activity related traffic. Our tests have shown that the DNN based framework has demonstrated an accuracy of 90 in-app activities and an average accuracy of 79 untrained in-app activity traffic as unknown data when this framework is employed.
READ FULL TEXT