Enhanced Encrypted Traffic Analysis Leveraging Graph Neural Networks and Optimized Feature Dimensionality Reduction

With the continuously growing requirement for encryption in network environments, web browsers are increasingly employing hypertext transfer protocol security. Despite the increase in encrypted malicious network traffic, the encryption itself limits the data accessible for analyzing such behavior. T...

Bibliographic details
Published in: Symmetry (Basel) 2024-06, Vol.16 (6), p.733
Main authors: Jung, In-Su, Song, Yu-Rae, Jilcha, Lelisa Adeba, Kim, Deuk-Hun, Im, Sun-Young, Shim, Shin-Woo, Kim, Young-Hwan, Kwak, Jin
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page
container_issue 6
container_start_page 733
container_title Symmetry (Basel)
container_volume 16
creator Jung, In-Su
Song, Yu-Rae
Jilcha, Lelisa Adeba
Kim, Deuk-Hun
Im, Sun-Young
Shim, Shin-Woo
Kim, Young-Hwan
Kwak, Jin
description With the continuously growing requirement for encryption in network environments, web browsers are increasingly employing hypertext transfer protocol security. Despite the increase in encrypted malicious network traffic, the encryption itself limits the data accessible for analyzing such behavior. To mitigate this, several studies have examined encrypted network traffic by analyzing metadata and payload bytes. Recent studies have furthered this approach, utilizing graph neural networks to analyze the structural data patterns within malicious encrypted traffic. This study proposed an enhanced encrypted traffic analysis leveraging graph neural networks which can model the symmetric or asymmetric spatial relations between nodes in the traffic network and optimized feature dimensionality reduction. It classified malicious network traffic by leveraging key features, including the IP address, port, CipherSuite, MessageLen, and JA3 features within the transport-layer-security session data, and then analyzed the correlation between normal and malicious network traffic data. The proposed approach outperformed previous models in terms of efficiency, using fewer features while maintaining a high accuracy rate of 99.5%. This demonstrates its research value as it can classify malicious network traffic with a high accuracy based on fewer features.
doi_str_mv 10.3390/sym16060733
format Article
publisher Basel: MDPI AG
rights COPYRIGHT 2024 MDPI AG. 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
toplevel peer_reviewed
oa free_for_read
fulltext fulltext
identifier ISSN: 2073-8994
ispartof Symmetry (Basel), 2024-06, Vol.16 (6), p.733
issn 2073-8994
2073-8994
language eng
recordid cdi_proquest_journals_3072694274
source MDPI - Multidisciplinary Digital Publishing Institute; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
subjects Accuracy
Algorithms
Classification
Communications traffic
Data analysis
Data encryption
Encryption
Graph neural networks
Hypertext
Machine learning
Metadata
Neural networks
Security
Traffic analysis
Web browsers
title Enhanced Encrypted Traffic Analysis Leveraging Graph Neural Networks and Optimized Feature Dimensionality Reduction
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-03T19%3A36%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-gale_proqu&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Enhanced%20Encrypted%20Traffic%20Analysis%20Leveraging%20Graph%20Neural%20Networks%20and%20Optimized%20Feature%20Dimensionality%20Reduction&rft.jtitle=Symmetry%20(Basel)&rft.au=Jung,%20In-Su&rft.date=2024-06-01&rft.volume=16&rft.issue=6&rft.spage=733&rft.pages=733-&rft.issn=2073-8994&rft.eissn=2073-8994&rft_id=info:doi/10.3390/sym16060733&rft_dat=%3Cgale_proqu%3EA799652743%3C/gale_proqu%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3072694274&rft_id=info:pmid/&rft_galeid=A799652743&rfr_iscdi=true