Affiliation:
1. School of Cyber Science and Engineering, Sichuan University, Chengdu 610065, China
2. School of Information Science and Technology, Tibet University, Lhasa 850013, China
Abstract
As the demand for Internet access increases, malicious traffic on the Internet has also soared. Because existing malicious-traffic-identification methods suffer from low accuracy, this paper proposes a malicious-traffic-identification method based on contrastive learning. The proposed method is able to overcome the shortcomings of traditional methods that rely on labeled samples and is able to learn feature representations carrying semantic information from unlabeled data, thus improving the model accuracy. In this paper, a new malicious-traffic feature extraction model based on a Transformer is proposed. Employing a self-attention mechanism, the proposed feature extraction model can extract the byte features of malicious traffic by performing calculations on the malicious traffic, thereby realizing the efficient identification of malicious traffic. In addition, a bidirectional GLSTM is introduced to extract the timing features of malicious traffic. The experimental results show that the proposed method is superior to the latest published methods in terms of accuracy and F1 score.
Funder
National Natural Science Foundation of China
Sichuan Science and Technology Program
Key Lab of Information Network Security of Ministry of Public Security
Subject
Electrical and Electronic Engineering, Biochemistry, Instrumentation, Atomic and Molecular Physics, and Optics, Analytical Chemistry
Reference: 33 articles.
Cited by
4 articles.