Hierarchical Perception for Encrypted Traffic Classification via Class Incremental Learning

Abstract

The rapid evolution of internet technology has resulted in an ongoing update of the types of encrypted network traffic. Therefore, efficient Encrypted Traffic Classification (ETC) is of significant importance for the security of user data and computer systems. Incremental Learning (IL) strategies for ETC methods allow them to evolve with the network environment, achieving remarkable results in real-world scenarios. However, existing IL frameworks for ETC tasks face issues of low computational efficiency and insufficient incremental capability, making it difficult to achieve satisfactory performance. In this work, we introduce an incremental ETC scheme, HCA-Net, which uses hierarchical perception to evolve with traffic flows. We design a feature-reweighted Depthwise separable convolution that ensures computational efficiency without compromising feature extraction capabilities. Additionally, our IL framework comprises a carefully constructed contrastive loss and a representative exemplar selection strategy, enabling the distillation of knowledge from learning old traffic categories to the parameters of learning new knowledge, mitigating the inevitable catastrophic forgetting problem in IL methods. Comprehensive experimental results on three public datasets show that our scheme outperforms the state-of-the-art methods, demonstrating exceptional performance in ETC tasks. By acquiring specific traffic samples at each training stage, our approach achieves incremental ETC, showcasing robust incremental capability and computational efficiency.