Research Article
BibTex RIS Cite

Classification of Encrypted Traffic with Machine Learning Algorithms

Year 2025, Issue: Erken Görünüm, 1 - 15

Nur Betül Demirel , Aydin Erden

Abstract

In today's context, due to the transformation of the internet infrastructure and security into a platform where a significant amount of sensitive data is shared in personal, commercial, and military domains, ensuring data security has become vital. Encryption methods and protocols are employed to secure data. While encrypting data is beneficial for users, it can also be utilized by attackers who aim to conceal their activities on the network. This makes it challenging to analyze the traffic content without decrypting encrypted traffic. Properly analyzing and classifying encrypted traffic is a critical necessity for the detection of threats and the implementation of preventive measures. In this context, the classification of traffic using
machine learning techniques, based on variables such as packet sizes and durations, is of importance. This study employs supervised machine learning algorithms including K-Nearest Neighbor, Support Vector Machine, and Logistic Regression, as well as the community learning algorithm, Light Gradient Boosting Machine to classify encrypted network traffic. Comparisons are made between the success rates obtained and the rarely encountered algorithm speeds in the literature. The ISCXVPN2016 dataset, derived from real internet traffic data and containing commonly used classes in network traffic, is utilized in this study. This study presents an effective model proposal in terms of classification success and speed for analyzing and classifying encrypted traffic using machine learning techniques.

Keywords

Machine learning Ensemble learning Encrypted network traffic Traffic classification Cybersecurity

References

  • [1] B. M. Leiner, R. E. Kahn, J. Postel, and L. Kleinrock, “A brief history of the internet,” AC M SIGCO MM Computer Communication Review, vol. 39, no. 5, pp. 22-31, Oct. 2009. doi: 10.1145/1629607.1629613
  • [2] M. Uğurlu, İ. A. Doğru, and R. S. Arslan, “A new classification method for encrypted internet traffic using machine learning,” Turkish Journal of Electrical Engineering and Computer Sciences, vol. 25, no. 9, pp. 2450-2468, 2021. doi: 10.3906/ELK-2011-31
  • [3] E. Cengiz and M. Gök, “Reinforcement learning applications in cyber security: A Review,” Sakarya University Journal of Science, vol. 27, no. 2, pp. 481-503, Apr. 2023. doi: 10.16984/saufenbilder.1237742
  • [4] M. K. Pehlivanoğlu, R. Atay, and D. E. Odabaş, “İki seviyeli hibrit makine öğrenmesi yöntemi ile saldırı tespiti,” Gazi Journal of Engineering Sciences, vol. 5, no. 3, pp. 258-272, Dec. 2019. doi: 10.30855/gmbd.2019.03.07
  • [5] J. A. Caicedo-Muñoz, A. L. Espino, J. C. Corrales, and A. Rendón, “QoS-classifier for VPN and Non-VPN traffic based on time-related features,” Computer Networks, vol. 144, pp. 271-279, Oct. 2018. doi: 10.1016/j.comnet.2018.08.008
  • [6] M. Uğurlu, “Şifrelenmiş internet trafiğinin makine öğrenmesi yaklaşımı ile sınıflandırılması,” Yüksek Lisans Tezi, Gazi Üniversitesi, Fen Bilimleri Enstitüsü, Ankara, 2020
  • [7] G. Drapper-Gil, A. H. Lashkari, M. S. I. Mamun, and A. A. Ghorbani, “Characterization of encrypted and VPN traffic using time-related features,” ICISSP 2016 - Proceedings of the 2nd International Conference on Information Systems Security and Privacy, 19-21 Şubat 2016, Roma, İtalya, SciTePress, pp. 407-414. doi: 10.5220/0005740704070414
  • [8] Y. F. Huang, C. B. Lin, C. M. Chung, and C. M. Chen, “Research on QoS classification of network encrypted traffic behavior based on machine learning,” Electronics (Switzerland), vol. 10, no. 12, Jun. 2021. doi: 10.3390/electronics10121376
  • [9] S. Frankel (NIST), P. Hoffman (Virtual Private Network Consortium), A. Orebaugh (BAH), R. Park (BAH), “NIST SP 800-113 Guide to SSL VPNs.” [Online]. Available: https://csrc.nist.gov/pubs/sp/800/113/final [Accessed: Mar. 24, 2024].
  • [10] N. H. Nguyen, SSL/TLS interception challenge from the shadow to the light, SANS Institute, 2019.
  • [11] S. Frankel, P. Hoffman, A. Orebaugh, and R. Park, NIST-“Guide to SSL VPNs,” Recommendations of the National Institute of Standards and Technology. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-113.pdf [Accessed: Mar. 21, 2024].
  • [12] Cisco, “Chapter: Traffic Classification,” www.cisco.com. [Online]. Available: https://www.cisco.com/c/en/us/td/docs/nsite/enterprise/wan/wan_optimization/wan_opt_sg/chap05.html. [Accessed: Mar. 7, 2024].
  • [13] R. T. Elmaghraby, N. M. Abdel Aziem, M. A. Sobh, and A. M. Bahaa-Eldin, “Encrypted network traffic classification based on machine learning,” Ain Shams Engineering Journal, vol. 15, no. 2, 2023. doi: 10.1016/j.asej.2023.102361
  • [14] Internet Assigned Numbers Authority, “Service name and transport protocol port number registry,” www.iana.org. [Online]. Available: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. [Accessed: Mar. 19, 2024].
  • [15] D. T. Ergönül and O. Demir, “Real-time encrypted traffic classification with deep learning,” Sakarya University Journal of Science, vol. 26, no. 2, pp. 313-332, Apr. 2022. doi: 10.16984/saufenbilder.1026502
  • [16] A. Azab, M. Khasawneh, S. Alrabaee, K. K. Choo, and M. Sarsour, “Network traffic classification: Techniques, Datasets, and Challenges,” Digital Communications and Networks. KeAi Communications Co., Sep. 2022. doi: 10.1016/j.dcan.2022.09.009
  • [17] V. A Muliukha, L. U Laboshin, and A. Lukashin, “Analysis and classification of encrypted network traffic using machine learning,” XXIII International Conference on Soft Computing and Measurements, 27-29 May. 2020, Saint Petersburg, Russia, pp. 194-197. doi: 10.1109/SCM50615.2020.9198811
  • [18] A. Lichy, O. Bader, R. Dubin, A. Dvir, and C. Hajaj, “When an RF beats a CNN and GRU, together-a comparison of deep learning and classical machine learning approaches for encrypted malware traffic classification,” Jun. 2022. [Online]. Available: http://arxiv.org/abs/2206.08004
  • [19] T. C. Obasi, “Encrypted network traffic classification using ensemble learning techniques,” Ph.D. dissertation, Carleton University, Ottawa, Ontario, Canada, 2020. doi: 10.22215/etd/2020-14171
  • [20] G. Abbas, U. Farooq, P. Singh, S. S. Khurana, and P. Singh, “Feature engineering and ensemble learning-based classification of VPN and Non-VPN based network traffic over temporal features,” SN Comput Science, vol. 4, Sep. 2023. doi: 10.1007/s42979-023-01944-5
  • [21] U. Majeed, L. U. Khan, and C. Seon Hong, “Cross-silo horizontal federated learning for flow-based time-related-features oriented traffic classification,” APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity, 23-25 Eylül 2020, Daegu, Güney Kore, pp. 389-392. doi: 10.23919/APNOMS50412.2020.9236971
  • [22] R. Bozkır, “Şifreli ağ trafiğinin içerik açısından sınıflandırılması,” Yüksek Lisans Tezi, Bursa Uludağ Üniversitesi, Fen Bilimleri Enstitüsü, Bursa, 2022. [23] B. Yamansavascilar, M. A. Guvensan, A. G. Yavuz, and M. E. Karsligil, “Application identification via network traffic classification,” 2017 International Conference on Computing, Networking and Communications, 26-29 Ocak 2017, Santa Clara, CA, ABD, pp. 843-848. doi: 10.1109/ICCNC.2017.7876241.
  • [24] S. Bagui, X. Fang, E. Kalimantan, S. C. Bagui, and J. Sheehan, “Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features,” Journal of Cyber Security Technology, vol. 1, no. 2, pp. 108-126, Apr. 2017. doi: 10.1080/23742917.2017.1321891.
  • [25] M. Lotfollahi, M. Jafari Siavoshani, R. Shirali Hossein Zade, and M. Saberian, “Deep packet: A Novel Approach for Encrypted Traffic Classification using Deep Learning,” Soft Comput, vol. 24, no. 3, pp. 1999-2012, Feb. 2019. doi: 10.1007/s00500-019-04030-2
  • [26] T. Shapira and Y. Shavitt, “Encrypted internet traffic classification is as easy as image recognition,” IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops, 29 Nisan - 2 Mayıs 2019, Paris, France, pp. 680-687. doi: 10.1109/INFCOMW.2019.8845315.
  • [27] F Zhang, T Shang, and J Liu, “Imbalanced encrypted traffic classification scheme using random forest,” 2020 International Conferences, Rhodes, Greece, pp. 837-842, 2020. doi: 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics50389.2020.00142
  • [28] L. Guo, Q. Wu, S. Liu, M. Duan, H. Li, and J. Sun, “Deep learning-based real-time VPN encrypted traffic identification methods,” Journal of Real-Time Image Processing 17, Springer, pp. 103-114, Feb. 2020. doi: 10.1007/s11554-019-00930-6
  • [29] J. Cheng, R. He, E. Yuepeng, Y. Wu, J. You, and T. Li, “Real-time encrypted traffic classification via lightweight neural networks,” 2020 IEEE Global Communications Conference, GLOBECOM 2020 - Proceedings, Institute of Electrical and Electronics Engineers Inc., 7-11 Aralık 2020, Taipei, Tayvan, pp. 1-6. doi: 10.1109/GLOBECOM42002.2020.9322309
  • [30] K. Zhou, W. Wang, C. Wu, and T. Hu, “Practical evaluation of encrypted traffic classification based on a combined method of entropy estimation and neural networks,” ETRI Journal, vol. 42, no. 3, pp. 311-323, Jun. 2020. doi: 10.4218/etrij.2019-0190
  • [31] Z. Bu, B. Zhou, P. Cheng, K. Zhang, and Z. H. Ling, “Encrypted network traffic classification using deep and parallel network-in-network models,” IEEE Access, vol. 8, pp. 132950-132959, 2020. doi: 10.1109/ACCESS.2020.3010637
  • [32] A. A. Afuwape, Y. Xu, J. H. Anajemba, and G. Srivastava, “Performance evaluation of secured network traffic classification using a machine learning approach,” Comput. Stand. Interfaces, vol. 78, Oct. 2021. doi: 10.1016/j.csi.2021.103545
  • [33] K. Ismailaj, M. Camelo, and S. Latré, "When deep learning may not be the right tool for traffic classification," in Proc. of the 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM), May 2021, Bordeaux, France, pp. 884-889. Available: IEEE Xplore, https://ieeexplore.ieee.org/abstract/document/9463927
  • [34] A. Almomani, “Classification of virtual private networks encrypted traffic using ensemble learning algorithms,” Egyptian Informatics Journal, vol. 23, no. 4, pp. 57–68, Dec. 2022. doi: 10.1016/j.eij.2022.06.006
  • [35] A. S. Khatouni and N. Z. Heywood, " Integrating machine learning with off-the-shelf traffic flow features for HTTP/HTTPS traffic classification," 2019 IEEE Symposium on Computers and Communications (ISCC), 29 Haziran - 3 Temmuz 2019, Barc., Spain, pp. 1-7. doi: 10.1109/ISCC47284.2019.8969578
  • [36] A. Aydın, “Topluluk öğrenmesi kullanılarak zararlı alan adlarının sınıflandırılması,” Yüksek Lisans Tezi, Marmara Üniversitesi, Fen Bilimleri Enstitüsü, İstanbul, 2023.
  • [37] K. Eker, A. G. Eker, D. Mandal, M. Pehlivanoglu, and N. Duru, “Makine öğrenmesi yaklaşımları ile ağ trafik sınıflandırılması,” 7th International Conference on Computer Science and Engineering, UBMK 2022, 14-16 Eylül 2022, Diyarbakır, Türkiye, pp. 393-397. doi: 10.1109/UBMK55850.2022.9919497
  • [38] Y. Alaca, “Siber güvenlikte CIC-Darknet2020 veri seti kullanarak VPN/NoVPN ve Tor/NoTor sınıflandırması: Basit ve Karmaşık Modellerin Kullanımı,” Fırat Üniversitesi Müh. Bilimleri Dergisi, vol. 35, no. 2, pp. 569-579 Jul. 2023. doi: 10.35234/fumbd.1291388
  • [39] M. Uǧurlu, İ. A. Doǧru, and R. S. Arslan, “Detection and classification of darknet traffic using machine learning methods,” Journal of the Faculty of Engineering and Architecture of Gazi University, vol. 38, no. 3, pp. 1737–1746, 2023. doi: 10.17341/gazimmfd.1023147
  • [40] E. G. İlgün, Y. Sönmez, and M. Dener, “DarkWEB traffic detection and classification using machine learning method,” Gazi Journal of Engineering Sciences, vol. 9, no. 4, pp. 126-140, 2023. doi: 10.30855/gmbd.0705S13
  • [41] A. Zheng and A. Casari, “Feature engineering for machine learning: Principles and Techniques for Data Scientists,” Chapter 2-Feature Selection, Almanya: O’Reilly Media. 2018.
  • [42] L. Yang and A. Shami, “On hyperparameter optimization of machine learning algorithms: Theory and Practice,” Neurocomputing, vol. 415, pp. 295-316, Nov. 2020. doi: 10.1016/j.neucom.2020.07.061
  • [43] J. Bergstra and Y. Bengio, “Random search for hyper-parameter optimization,” 2012. [Online]. Available: http://scikit-learn.sourceforge.net. [Accessed: March 05, 2024].
  • [44] C. Schaffer, “Selecting a classification method by cross-validation,” Mach Learn 13, 135-143, 1993. doi: 10.1007/BF00993106
  • [45] X. Deng, Q. Liu, Y. Deng, and S. Mahadevan, “An improved method to construct basic probability assignment based on the confusion matrix for classification problem,” Inf Sci (N Y), vol. 340–341, pp. 250-261, May 2016. doi: 10.1016/j.ins.2016.01.033

Makine Öğrenmesi Algoritmaları ile Şifreli Trafiğin Sınıflandırılması

Year 2025, Issue: Erken Görünüm, 1 - 15

Nur Betül Demirel , Aydin Erden

Abstract

Günümüzde, internet altyapısı ve güvenliği kişisel, ticari ve askeri alanlarda birçok hassas verinin paylaşıldığı bir platforma dönüşmesi nedeniyle hayati bir önem kazanmıştır. Veri güvenliğinin sağlanması maksadı ile şifreleme yöntemleri ve protokolleri kullanılmaktadır. Verinin şifrelenmesi kullanıcılar için yararlı olsa da aynı zamanda ağdaki faaliyetlerini gizlemek isteyen saldırganlar tarafından da kullanılabilmektedir. Bu durum, şifreli trafiği deşifreleme yapmadan trafik içeriğini analiz etmeyi zorlaştırmaktadır. Şifreli trafiği doğru bir şekilde analiz etmek ve sınıflandırmak, tehditlerin tespit edilmesi ve önleyici tedbirlerin alınması açısından kritik bir gerekliliktir. Bu bağlamda paket boyutları, süre gibi değişkenler kullanılarak makine öğrenmesi teknikleri ile trafiğin sınıflandırılması önem arz etmektedir. Bu çalışmada, denetimli makine öğrenmesi algoritmalarından K-En Yakın Komşu, Destek Vektör Makinesi ve Lojistik Regresyon algoritmaları ile topluluk öğrenmesi algoritmalarından Hafif Gradyan Artırma Makinesi algoritması kullanılarak şifreli ağ trafiğinin sınıflandırılması sağlanmıştır. Elde edilen başarı oranlarının ve literatürde nadiren karşılaşılan algoritma hızlarının karşılaştırmaları yapılmıştır. Çalışma kapsamında, ağ trafiğinde yaygın olarak kullanılan sınıfları içeren ve gerçek internet trafik verilerinden elde edilmiş olan
ISCXVPN2016 veri seti kullanılmıştır. Bu çalışma, şifreli trafiği etkili bir şekilde analiz etmek ve sınıflandırmak için makine öğrenmesi tekniklerini kullanarak sınıflandırma başarısı ve hız açısından etkin bir model önerisi sunmaktadır.

Keywords

Makine öğrenmesi Topluluk öğrenmesi Şifreli ağ trafiği Trafik sınıflandırma Siber güvenlik

References

  • [1] B. M. Leiner, R. E. Kahn, J. Postel, and L. Kleinrock, “A brief history of the internet,” AC M SIGCO MM Computer Communication Review, vol. 39, no. 5, pp. 22-31, Oct. 2009. doi: 10.1145/1629607.1629613
  • [2] M. Uğurlu, İ. A. Doğru, and R. S. Arslan, “A new classification method for encrypted internet traffic using machine learning,” Turkish Journal of Electrical Engineering and Computer Sciences, vol. 25, no. 9, pp. 2450-2468, 2021. doi: 10.3906/ELK-2011-31
  • [3] E. Cengiz and M. Gök, “Reinforcement learning applications in cyber security: A Review,” Sakarya University Journal of Science, vol. 27, no. 2, pp. 481-503, Apr. 2023. doi: 10.16984/saufenbilder.1237742
  • [4] M. K. Pehlivanoğlu, R. Atay, and D. E. Odabaş, “İki seviyeli hibrit makine öğrenmesi yöntemi ile saldırı tespiti,” Gazi Journal of Engineering Sciences, vol. 5, no. 3, pp. 258-272, Dec. 2019. doi: 10.30855/gmbd.2019.03.07
  • [5] J. A. Caicedo-Muñoz, A. L. Espino, J. C. Corrales, and A. Rendón, “QoS-classifier for VPN and Non-VPN traffic based on time-related features,” Computer Networks, vol. 144, pp. 271-279, Oct. 2018. doi: 10.1016/j.comnet.2018.08.008
  • [6] M. Uğurlu, “Şifrelenmiş internet trafiğinin makine öğrenmesi yaklaşımı ile sınıflandırılması,” Yüksek Lisans Tezi, Gazi Üniversitesi, Fen Bilimleri Enstitüsü, Ankara, 2020
  • [7] G. Drapper-Gil, A. H. Lashkari, M. S. I. Mamun, and A. A. Ghorbani, “Characterization of encrypted and VPN traffic using time-related features,” ICISSP 2016 - Proceedings of the 2nd International Conference on Information Systems Security and Privacy, 19-21 Şubat 2016, Roma, İtalya, SciTePress, pp. 407-414. doi: 10.5220/0005740704070414
  • [8] Y. F. Huang, C. B. Lin, C. M. Chung, and C. M. Chen, “Research on QoS classification of network encrypted traffic behavior based on machine learning,” Electronics (Switzerland), vol. 10, no. 12, Jun. 2021. doi: 10.3390/electronics10121376
  • [9] S. Frankel (NIST), P. Hoffman (Virtual Private Network Consortium), A. Orebaugh (BAH), R. Park (BAH), “NIST SP 800-113 Guide to SSL VPNs.” [Online]. Available: https://csrc.nist.gov/pubs/sp/800/113/final [Accessed: Mar. 24, 2024].
  • [10] N. H. Nguyen, SSL/TLS interception challenge from the shadow to the light, SANS Institute, 2019.
  • [11] S. Frankel, P. Hoffman, A. Orebaugh, and R. Park, NIST-“Guide to SSL VPNs,” Recommendations of the National Institute of Standards and Technology. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-113.pdf [Accessed: Mar. 21, 2024].
  • [12] Cisco, “Chapter: Traffic Classification,” www.cisco.com. [Online]. Available: https://www.cisco.com/c/en/us/td/docs/nsite/enterprise/wan/wan_optimization/wan_opt_sg/chap05.html. [Accessed: Mar. 7, 2024].
  • [13] R. T. Elmaghraby, N. M. Abdel Aziem, M. A. Sobh, and A. M. Bahaa-Eldin, “Encrypted network traffic classification based on machine learning,” Ain Shams Engineering Journal, vol. 15, no. 2, 2023. doi: 10.1016/j.asej.2023.102361
  • [14] Internet Assigned Numbers Authority, “Service name and transport protocol port number registry,” www.iana.org. [Online]. Available: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml. [Accessed: Mar. 19, 2024].
  • [15] D. T. Ergönül and O. Demir, “Real-time encrypted traffic classification with deep learning,” Sakarya University Journal of Science, vol. 26, no. 2, pp. 313-332, Apr. 2022. doi: 10.16984/saufenbilder.1026502
  • [16] A. Azab, M. Khasawneh, S. Alrabaee, K. K. Choo, and M. Sarsour, “Network traffic classification: Techniques, Datasets, and Challenges,” Digital Communications and Networks. KeAi Communications Co., Sep. 2022. doi: 10.1016/j.dcan.2022.09.009
  • [17] V. A Muliukha, L. U Laboshin, and A. Lukashin, “Analysis and classification of encrypted network traffic using machine learning,” XXIII International Conference on Soft Computing and Measurements, 27-29 May. 2020, Saint Petersburg, Russia, pp. 194-197. doi: 10.1109/SCM50615.2020.9198811
  • [18] A. Lichy, O. Bader, R. Dubin, A. Dvir, and C. Hajaj, “When an RF beats a CNN and GRU, together-a comparison of deep learning and classical machine learning approaches for encrypted malware traffic classification,” Jun. 2022. [Online]. Available: http://arxiv.org/abs/2206.08004
  • [19] T. C. Obasi, “Encrypted network traffic classification using ensemble learning techniques,” Ph.D. dissertation, Carleton University, Ottawa, Ontario, Canada, 2020. doi: 10.22215/etd/2020-14171
  • [20] G. Abbas, U. Farooq, P. Singh, S. S. Khurana, and P. Singh, “Feature engineering and ensemble learning-based classification of VPN and Non-VPN based network traffic over temporal features,” SN Comput Science, vol. 4, Sep. 2023. doi: 10.1007/s42979-023-01944-5
  • [21] U. Majeed, L. U. Khan, and C. Seon Hong, “Cross-silo horizontal federated learning for flow-based time-related-features oriented traffic classification,” APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity, 23-25 Eylül 2020, Daegu, Güney Kore, pp. 389-392. doi: 10.23919/APNOMS50412.2020.9236971
  • [22] R. Bozkır, “Şifreli ağ trafiğinin içerik açısından sınıflandırılması,” Yüksek Lisans Tezi, Bursa Uludağ Üniversitesi, Fen Bilimleri Enstitüsü, Bursa, 2022. [23] B. Yamansavascilar, M. A. Guvensan, A. G. Yavuz, and M. E. Karsligil, “Application identification via network traffic classification,” 2017 International Conference on Computing, Networking and Communications, 26-29 Ocak 2017, Santa Clara, CA, ABD, pp. 843-848. doi: 10.1109/ICCNC.2017.7876241.
  • [24] S. Bagui, X. Fang, E. Kalimantan, S. C. Bagui, and J. Sheehan, “Comparison of machine-learning algorithms for classification of VPN network traffic flow using time-related features,” Journal of Cyber Security Technology, vol. 1, no. 2, pp. 108-126, Apr. 2017. doi: 10.1080/23742917.2017.1321891.
  • [25] M. Lotfollahi, M. Jafari Siavoshani, R. Shirali Hossein Zade, and M. Saberian, “Deep packet: A Novel Approach for Encrypted Traffic Classification using Deep Learning,” Soft Comput, vol. 24, no. 3, pp. 1999-2012, Feb. 2019. doi: 10.1007/s00500-019-04030-2
  • [26] T. Shapira and Y. Shavitt, “Encrypted internet traffic classification is as easy as image recognition,” IEEE INFOCOM 2019 - IEEE Conference on Computer Communications Workshops, 29 Nisan - 2 Mayıs 2019, Paris, France, pp. 680-687. doi: 10.1109/INFCOMW.2019.8845315.
  • [27] F Zhang, T Shang, and J Liu, “Imbalanced encrypted traffic classification scheme using random forest,” 2020 International Conferences, Rhodes, Greece, pp. 837-842, 2020. doi: 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics50389.2020.00142
  • [28] L. Guo, Q. Wu, S. Liu, M. Duan, H. Li, and J. Sun, “Deep learning-based real-time VPN encrypted traffic identification methods,” Journal of Real-Time Image Processing 17, Springer, pp. 103-114, Feb. 2020. doi: 10.1007/s11554-019-00930-6
  • [29] J. Cheng, R. He, E. Yuepeng, Y. Wu, J. You, and T. Li, “Real-time encrypted traffic classification via lightweight neural networks,” 2020 IEEE Global Communications Conference, GLOBECOM 2020 - Proceedings, Institute of Electrical and Electronics Engineers Inc., 7-11 Aralık 2020, Taipei, Tayvan, pp. 1-6. doi: 10.1109/GLOBECOM42002.2020.9322309
  • [30] K. Zhou, W. Wang, C. Wu, and T. Hu, “Practical evaluation of encrypted traffic classification based on a combined method of entropy estimation and neural networks,” ETRI Journal, vol. 42, no. 3, pp. 311-323, Jun. 2020. doi: 10.4218/etrij.2019-0190
  • [31] Z. Bu, B. Zhou, P. Cheng, K. Zhang, and Z. H. Ling, “Encrypted network traffic classification using deep and parallel network-in-network models,” IEEE Access, vol. 8, pp. 132950-132959, 2020. doi: 10.1109/ACCESS.2020.3010637
  • [32] A. A. Afuwape, Y. Xu, J. H. Anajemba, and G. Srivastava, “Performance evaluation of secured network traffic classification using a machine learning approach,” Comput. Stand. Interfaces, vol. 78, Oct. 2021. doi: 10.1016/j.csi.2021.103545
  • [33] K. Ismailaj, M. Camelo, and S. Latré, "When deep learning may not be the right tool for traffic classification," in Proc. of the 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM), May 2021, Bordeaux, France, pp. 884-889. Available: IEEE Xplore, https://ieeexplore.ieee.org/abstract/document/9463927
  • [34] A. Almomani, “Classification of virtual private networks encrypted traffic using ensemble learning algorithms,” Egyptian Informatics Journal, vol. 23, no. 4, pp. 57–68, Dec. 2022. doi: 10.1016/j.eij.2022.06.006
  • [35] A. S. Khatouni and N. Z. Heywood, " Integrating machine learning with off-the-shelf traffic flow features for HTTP/HTTPS traffic classification," 2019 IEEE Symposium on Computers and Communications (ISCC), 29 Haziran - 3 Temmuz 2019, Barc., Spain, pp. 1-7. doi: 10.1109/ISCC47284.2019.8969578
  • [36] A. Aydın, “Topluluk öğrenmesi kullanılarak zararlı alan adlarının sınıflandırılması,” Yüksek Lisans Tezi, Marmara Üniversitesi, Fen Bilimleri Enstitüsü, İstanbul, 2023.
  • [37] K. Eker, A. G. Eker, D. Mandal, M. Pehlivanoglu, and N. Duru, “Makine öğrenmesi yaklaşımları ile ağ trafik sınıflandırılması,” 7th International Conference on Computer Science and Engineering, UBMK 2022, 14-16 Eylül 2022, Diyarbakır, Türkiye, pp. 393-397. doi: 10.1109/UBMK55850.2022.9919497
  • [38] Y. Alaca, “Siber güvenlikte CIC-Darknet2020 veri seti kullanarak VPN/NoVPN ve Tor/NoTor sınıflandırması: Basit ve Karmaşık Modellerin Kullanımı,” Fırat Üniversitesi Müh. Bilimleri Dergisi, vol. 35, no. 2, pp. 569-579 Jul. 2023. doi: 10.35234/fumbd.1291388
  • [39] M. Uǧurlu, İ. A. Doǧru, and R. S. Arslan, “Detection and classification of darknet traffic using machine learning methods,” Journal of the Faculty of Engineering and Architecture of Gazi University, vol. 38, no. 3, pp. 1737–1746, 2023. doi: 10.17341/gazimmfd.1023147
  • [40] E. G. İlgün, Y. Sönmez, and M. Dener, “DarkWEB traffic detection and classification using machine learning method,” Gazi Journal of Engineering Sciences, vol. 9, no. 4, pp. 126-140, 2023. doi: 10.30855/gmbd.0705S13
  • [41] A. Zheng and A. Casari, “Feature engineering for machine learning: Principles and Techniques for Data Scientists,” Chapter 2-Feature Selection, Almanya: O’Reilly Media. 2018.
  • [42] L. Yang and A. Shami, “On hyperparameter optimization of machine learning algorithms: Theory and Practice,” Neurocomputing, vol. 415, pp. 295-316, Nov. 2020. doi: 10.1016/j.neucom.2020.07.061
  • [43] J. Bergstra and Y. Bengio, “Random search for hyper-parameter optimization,” 2012. [Online]. Available: http://scikit-learn.sourceforge.net. [Accessed: March 05, 2024].
  • [44] C. Schaffer, “Selecting a classification method by cross-validation,” Mach Learn 13, 135-143, 1993. doi: 10.1007/BF00993106
  • [45] X. Deng, Q. Liu, Y. Deng, and S. Mahadevan, “An improved method to construct basic probability assignment based on the confusion matrix for classification problem,” Inf Sci (N Y), vol. 340–341, pp. 250-261, May 2016. doi: 10.1016/j.ins.2016.01.033
There are 44 citations in total.

Details

Primary Language Turkish
Subjects Computer Software
Journal Section Research Articles
Authors

Nur Betül Demirel 0009-0001-9782-2507

Aydin Erden 0000-0002-5124-8335

Early Pub Date April 14, 2025
Publication Date
Submission Date June 4, 2024
Acceptance Date January 23, 2025
Published in Issue Year 2025 Issue: Erken Görünüm

Cite

IEEE N. B. Demirel and A. Erden, “Makine Öğrenmesi Algoritmaları ile Şifreli Trafiğin Sınıflandırılması”, GJES, no. Erken Görünüm, pp. 1–15, April 2025.
 Download Cover Image

GJES is indexed and archived by:

3311333114331153311633117

Gazi Journal of Engineering Sciences (GJES) publishes open access articles under a Creative Commons Attribution 4.0 International License (CC BY) 1366_2000-copia-2.jpg