Academic Paper

Detection of Encrypted and Malicious Network Traffic using Deep Learning
Document Type
Conference
Source
2023 International Conference on Ambient Intelligence, Knowledge Informatics and Industrial Electronics (AIKIIE), pp. 1-6, Nov. 2023
Subject
Communication, Networking and Broadcast Technologies
Computing and Processing
Engineered Materials, Dielectrics and Plasmas
Engineering Profession
General Topics for Engineers
Deep learning
Performance evaluation
Telecommunication traffic
Feature extraction
Data models
Encryption
Data mining
Traffic detection
CNN
Attention mechanism
deep learning
Traffic Data
Language
Abstract
Network traffic has increased by a factor of ten due to the meteoric rise of the Internet. The prevalence of encryption methods makes it difficult to identify malicious traffic, because conventional detection methods are useless without being able to decipher encrypted traffic. Recent work on detecting harmful encrypted traffic has concentrated on feature extraction and the selection of deep learning techniques rather than on breaking the encryption itself. For the most part, today's edge node devices are responsible for processing massive amounts of data, extracting critical elements of network traffic, and then sending that information on to a cloud server. However, how to more rapidly and precisely identify network traffic remains a hard problem, as the performance of mobile terminal tools in discovering and categorizing encrypted and malicious traffic lags behind. We develop a convolutional neural network (CNN) model that integrates normalized and attention processes; this model is called I-D-CNN with hexadecimal data (HexCNN-ID). Global-Attention-Block (GAB) and Category-Attention-Block (CAB) are modules of the attention mechanism that help identify and categorize network traffic. Our algorithm is able to recognize most types of network traffic, plus encrypted and malicious traffic data, by mining efficient load information from hexadecimal network traffic. An average accuracy of 98.8% was found during experimental testing. Our methodology has the potential to significantly enhance the reliability of traffic data recognition in networks.