Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks

Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks

The proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep pack...

Full description

Bibliographic Details
Main Authors: Xin Wang, Shuhui Chen, Jinshu Su
Format: Article
Language:English
Published: IEEE 2020-01-01
Series:IEEE Access
Subjects:
Mobile app identification
encrypted traffic classification
neural network
deep learning
Online Access:https://ieeexplore.ieee.org/document/9214897/
id doaj-94fd07f0f5c348f79b8084cf30d6a946
record_format Article
spelling doaj-94fd07f0f5c348f79b8084cf30d6a9462021-03-30T04:23:19ZengIEEEIEEE Access2169-35362020-01-01818206518207710.1109/ACCESS.2020.30291909214897Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural NetworksXin Wang0https://orcid.org/0000-0002-2208-1433Shuhui Chen1Jinshu Su2https://orcid.org/0000-0001-9273-616XCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaThe proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep packet inspection (DPI) techniques. However, such approaches have become less effective with the raising adoption of encrypted protocols in mobile applications (mostly TLS). To address the problem, various machine learning methods have been studied and used. Most of them use linear classifiers on top of hand-engineered features, which are unreliable due to the complexity of mobile traffic. In this article we propose App-Net, an end-to-end hybrid neural network for mobile app identification from encrypted TLS traffic. App-Net is designed by combining RNN and CNN in a parallel way and can automatically learn effective features from raw TLS flows. With coordinated fusion and optimized training, the hybrid and multimodal architecture is able to characterize both flow sequence patterns and app signatures to learn a joint flow-app embedding. We evaluate App-Net on a real-world dataset covering 80 apps. The results show that our method can achieve an excellent performance and outperform the state-of-the-art methods.https://ieeexplore.ieee.org/document/9214897/Mobile app identificationencrypted traffic classificationneural networkdeep learning
collection DOAJ
language English
format Article
sources DOAJ
author Xin Wang
Shuhui Chen
Jinshu Su
spellingShingle Xin Wang
Shuhui Chen
Jinshu Su
Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
IEEE Access
Mobile app identification
encrypted traffic classification
neural network
deep learning
author_facet Xin Wang
Shuhui Chen
Jinshu Su
author_sort Xin Wang
title Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
title_short Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
title_full Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
title_fullStr Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
title_full_unstemmed Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
title_sort automatic mobile app identification from encrypted traffic with hybrid neural networks
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2020-01-01
description The proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep packet inspection (DPI) techniques. However, such approaches have become less effective with the raising adoption of encrypted protocols in mobile applications (mostly TLS). To address the problem, various machine learning methods have been studied and used. Most of them use linear classifiers on top of hand-engineered features, which are unreliable due to the complexity of mobile traffic. In this article we propose App-Net, an end-to-end hybrid neural network for mobile app identification from encrypted TLS traffic. App-Net is designed by combining RNN and CNN in a parallel way and can automatically learn effective features from raw TLS flows. With coordinated fusion and optimized training, the hybrid and multimodal architecture is able to characterize both flow sequence patterns and app signatures to learn a joint flow-app embedding. We evaluate App-Net on a real-world dataset covering 80 apps. The results show that our method can achieve an excellent performance and outperform the state-of-the-art methods.
topic Mobile app identification
encrypted traffic classification
neural network
deep learning
url https://ieeexplore.ieee.org/document/9214897/
work_keys_str_mv AT xinwang automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks
AT shuhuichen automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks
AT jinshusu automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks
_version_ 1724181898225254400

Similar Items