Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks
The proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep pack...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2020-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/9214897/ |
| _version_ | 1818662624433274880 |
|---|---|
| author | Xin Wang Shuhui Chen Jinshu Su |
| author_facet | Xin Wang Shuhui Chen Jinshu Su |
| author_sort | Xin Wang |
| collection | DOAJ |
| description | The proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep packet inspection (DPI) techniques. However, such approaches have become less effective with the raising adoption of encrypted protocols in mobile applications (mostly TLS). To address the problem, various machine learning methods have been studied and used. Most of them use linear classifiers on top of hand-engineered features, which are unreliable due to the complexity of mobile traffic. In this article we propose App-Net, an end-to-end hybrid neural network for mobile app identification from encrypted TLS traffic. App-Net is designed by combining RNN and CNN in a parallel way and can automatically learn effective features from raw TLS flows. With coordinated fusion and optimized training, the hybrid and multimodal architecture is able to characterize both flow sequence patterns and app signatures to learn a joint flow-app embedding. We evaluate App-Net on a real-world dataset covering 80 apps. The results show that our method can achieve an excellent performance and outperform the state-of-the-art methods. |
| first_indexed | 2024-12-17T05:03:55Z |
| format | Article |
| id | doaj.art-94fd07f0f5c348f79b8084cf30d6a946 |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-12-17T05:03:55Z |
| publishDate | 2020-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-94fd07f0f5c348f79b8084cf30d6a9462022-12-21T22:02:28ZengIEEEIEEE Access2169-35362020-01-01818206518207710.1109/ACCESS.2020.30291909214897Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural NetworksXin Wang0https://orcid.org/0000-0002-2208-1433Shuhui Chen1Jinshu Su2https://orcid.org/0000-0001-9273-616XCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaCollege of Computer Science and Technology, National University of Defense Technology, Changsha, ChinaThe proliferation of handheld devices has led to an explosive growth of mobile traffic volumes on the Internet. Identifying mobile apps from network traffic has become a crucial task for mobile network management and security. Traditionally, the design of accurate identifiers relies on the deep packet inspection (DPI) techniques. However, such approaches have become less effective with the raising adoption of encrypted protocols in mobile applications (mostly TLS). To address the problem, various machine learning methods have been studied and used. Most of them use linear classifiers on top of hand-engineered features, which are unreliable due to the complexity of mobile traffic. In this article we propose App-Net, an end-to-end hybrid neural network for mobile app identification from encrypted TLS traffic. App-Net is designed by combining RNN and CNN in a parallel way and can automatically learn effective features from raw TLS flows. With coordinated fusion and optimized training, the hybrid and multimodal architecture is able to characterize both flow sequence patterns and app signatures to learn a joint flow-app embedding. We evaluate App-Net on a real-world dataset covering 80 apps. The results show that our method can achieve an excellent performance and outperform the state-of-the-art methods.https://ieeexplore.ieee.org/document/9214897/Mobile app identificationencrypted traffic classificationneural networkdeep learning |
| spellingShingle | Xin Wang Shuhui Chen Jinshu Su Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks IEEE Access Mobile app identification encrypted traffic classification neural network deep learning |
| title | Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks |
| title_full | Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks |
| title_fullStr | Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks |
| title_full_unstemmed | Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks |
| title_short | Automatic Mobile App Identification From Encrypted Traffic With Hybrid Neural Networks |
| title_sort | automatic mobile app identification from encrypted traffic with hybrid neural networks |
| topic | Mobile app identification encrypted traffic classification neural network deep learning |
| url | https://ieeexplore.ieee.org/document/9214897/ |
| work_keys_str_mv | AT xinwang automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks AT shuhuichen automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks AT jinshusu automaticmobileappidentificationfromencryptedtrafficwithhybridneuralnetworks |