Mutated traffic detection and recovery: an adversarial generative deep learning approach

Annals of Telecommunications

Abstract

Machine learning (ML)-based traffic classification is evolving into a well-established research domain. Considering statistical characteristics of the traffic flows, ML-based classification methods have succeeded in even classifying encrypted traffic. However, recent research efforts have emerged, for privacy preservation, where traffic obfuscation is being considered as a way to hide traffic characteristics preventing traffic classification. Traffic mutation is one such obfuscation technique that consists of modifying the flow packet sizes and inter-arrival times. However, at the same time, these techniques can be used by malicious attackers to hide their attack traffic and avoid detection. In this paper, we propose a deep learning (DL) model to detect mutated traffic and recover the original one. The experimental results show the effectiveness of the proposed model in detecting mutated traffic with a detection rate up to 95%, on average, and denoising recovery loss less than 3 × 10⁻¹.

Funding

Research funded by the AUB University Research Board, the Lebanese National Council for Scientific Research, and TELUS Corp., Canada.

Author information

Corresponding author

Correspondence to Ola Salman.

About this article

Cite this article

Salman, O., Elhajj, I.H., Kayssi, A. et al. Mutated traffic detection and recovery: an adversarial generative deep learning approach. Ann. Telecommun. 77, 395–406 (2022). https://doi.org/10.1007/s12243-022-00909-8

  • DOI: https://doi.org/10.1007/s12243-022-00909-8
