Pub Date : 2017-08-18DOI: 10.1109/ISI.2017.8004882
Saike He, Xiaolong Zheng, D. Zeng
Public sentiments affecting health outcomes are increasingly modulated by social media. Existing literature mainly focus on investigating how network structure affects the contagion of health sentiments. However, most of these studies neglect that the interaction topology change in time. In fact, the change of inter-individual connections over time is associated with individual attributes. The mechanism through which individual attributes reshapes the connection topology is mainly governed by the competition between two principles, i.e., homophily (establishing or reinforcing social connections) and homeostasis (preserving the total strength of social connections to each individual). No existing approaches are yet able to accommodate these two competing effects at the same time. We thus propose a new statistical model (H2 model, Homophily and Homestasis model) to depict the evolution of temporal network, which is governed by the competition of homophily and homeostasis. In addition, we consider the mediation effect of external shock events, which enables us to separate exogenous confounding factors. Evaluation on Twitter data suggests that H2 model can capture long-range sentiment dynamics and external shock events. In sentiment prediction, H2 consistently outperforms existing methods in terms of error rate. Through the model's shock tensor, we successfully detect several typical events, and reveal that users in negative emotions are more influenced by external shock events than those with positive emotions. Our findings have practical significance for those who supervise and guide health sentiments in online communities.
{"title":"The dynamics of health sentiments with competitive interactions in social media","authors":"Saike He, Xiaolong Zheng, D. Zeng","doi":"10.1109/ISI.2017.8004882","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004882","url":null,"abstract":"Public sentiments affecting health outcomes are increasingly modulated by social media. Existing literature mainly focus on investigating how network structure affects the contagion of health sentiments. However, most of these studies neglect that the interaction topology change in time. In fact, the change of inter-individual connections over time is associated with individual attributes. The mechanism through which individual attributes reshapes the connection topology is mainly governed by the competition between two principles, i.e., homophily (establishing or reinforcing social connections) and homeostasis (preserving the total strength of social connections to each individual). No existing approaches are yet able to accommodate these two competing effects at the same time. We thus propose a new statistical model (H2 model, Homophily and Homestasis model) to depict the evolution of temporal network, which is governed by the competition of homophily and homeostasis. In addition, we consider the mediation effect of external shock events, which enables us to separate exogenous confounding factors. Evaluation on Twitter data suggests that H2 model can capture long-range sentiment dynamics and external shock events. In sentiment prediction, H2 consistently outperforms existing methods in terms of error rate. Through the model's shock tensor, we successfully detect several typical events, and reveal that users in negative emotions are more influenced by external shock events than those with positive emotions. Our findings have practical significance for those who supervise and guide health sentiments in online communities.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"8 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117329837","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004877
Neda Abdelhamid, F. Thabtah, Hussein Abdel-jaber
In the last decade, numerous fake websites have been developed on the World Wide Web to mimic trusted websites, with the aim of stealing financial assets from users and organizations. This form of online attack is called phishing, and it has cost the online community and the various stakeholders hundreds of million Dollars. Therefore, effective counter measures that can accurately detect phishing are needed. Machine learning (ML) is a popular tool for data analysis and recently has shown promising results in combating phishing when contrasted with classic anti-phishing approaches, including awareness workshops, visualization and legal solutions. This article investigates ML techniques applicability to detect phishing attacks and describes their pros and cons. In particular, different types of ML techniques have been investigated to reveal the suitable options that can serve as anti-phishing tools. More importantly, we experimentally compare large numbers of ML techniques on real phishing datasets and with respect to different metrics. The purpose of the comparison is to reveal the advantages and disadvantages of ML predictive models and to show their actual performance when it comes to phishing attacks. The experimental results show that Covering approach models are more appropriate as anti-phishing solutions, especially for novice users, because of their simple yet effective knowledge bases in addition to their good phishing detection rate.
{"title":"Phishing detection: A recent intelligent machine learning comparison based on models content and features","authors":"Neda Abdelhamid, F. Thabtah, Hussein Abdel-jaber","doi":"10.1109/ISI.2017.8004877","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004877","url":null,"abstract":"In the last decade, numerous fake websites have been developed on the World Wide Web to mimic trusted websites, with the aim of stealing financial assets from users and organizations. This form of online attack is called phishing, and it has cost the online community and the various stakeholders hundreds of million Dollars. Therefore, effective counter measures that can accurately detect phishing are needed. Machine learning (ML) is a popular tool for data analysis and recently has shown promising results in combating phishing when contrasted with classic anti-phishing approaches, including awareness workshops, visualization and legal solutions. This article investigates ML techniques applicability to detect phishing attacks and describes their pros and cons. In particular, different types of ML techniques have been investigated to reveal the suitable options that can serve as anti-phishing tools. More importantly, we experimentally compare large numbers of ML techniques on real phishing datasets and with respect to different metrics. The purpose of the comparison is to reveal the advantages and disadvantages of ML predictive models and to show their actual performance when it comes to phishing attacks. The experimental results show that Covering approach models are more appropriate as anti-phishing solutions, especially for novice users, because of their simple yet effective knowledge bases in addition to their good phishing detection rate.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115482631","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004878
Yenlung Lai, B. Goi, Tong-Yuen Chai
This paper explores the recently published works on iris template protection namely Indexing-First-One hashing. Despite the Indexing-First-One hashing offers high recognition performance with resistant against several major privacy and security attacks, it does not resolve the rotation inconsistent issues existed in conventional iris template due to head tilt/ rotation during user's eyes images acquisition. Hence, a pre-alignment step is required for the conventional IFO hashed code matching. Consequently, this increased the computational cost heavily. Hereby, we address the rotation inconsistent issue by proposing an alignment-free IFO hashing through a pre-transformation based on Bloom filter generation. The proposed pre-alignment IFO hashing shows promising recognition performance, and the pre-alignment procedure is eliminated to lower computational cost.
本文对最近发表的关于虹膜模板保护的研究成果——索引先一哈希进行了探讨。尽管index - first - one散列法提供了较高的识别性能,并能抵抗几种主要的隐私和安全攻击,但它不能解决传统虹膜模板在用户眼睛图像获取过程中由于头部倾斜/旋转而存在的旋转不一致问题。因此,传统的IFO散列代码匹配需要一个预对齐步骤。因此,这大大增加了计算成本。因此,我们通过基于Bloom过滤器生成的预变换提出无对齐IFO哈希来解决旋转不一致问题。所提出的预对齐IFO哈希算法具有良好的识别性能,并且消除了预对齐过程,降低了计算成本。
{"title":"Alignment-free indexing-first-one hashing with bloom filter integration","authors":"Yenlung Lai, B. Goi, Tong-Yuen Chai","doi":"10.1109/ISI.2017.8004878","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004878","url":null,"abstract":"This paper explores the recently published works on iris template protection namely Indexing-First-One hashing. Despite the Indexing-First-One hashing offers high recognition performance with resistant against several major privacy and security attacks, it does not resolve the rotation inconsistent issues existed in conventional iris template due to head tilt/ rotation during user's eyes images acquisition. Hence, a pre-alignment step is required for the conventional IFO hashed code matching. Consequently, this increased the computational cost heavily. Hereby, we address the rotation inconsistent issue by proposing an alignment-free IFO hashing through a pre-transformation based on Bloom filter generation. The proposed pre-alignment IFO hashing shows promising recognition performance, and the pre-alignment procedure is eliminated to lower computational cost.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121887241","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004894
Aaron Zimba, Zhaoshun Wang, Hongsong Chen
Ransomware techniques have evolved over time with the most resilient attacks making data recovery practically impossible. This has driven countermeasures to shift towards recovery against prevention but in this paper, we model ransomware attacks from an infection vector point of view. We follow the basic infection chain of crypto ransomware and use Bayesian network statistics to infer some of the most common ransomware infection vectors. We also employ the use of attack and sensor nodes to capture uncertainty in the Bayesian network.
{"title":"Reasoning crypto ransomware infection vectors with Bayesian networks","authors":"Aaron Zimba, Zhaoshun Wang, Hongsong Chen","doi":"10.1109/ISI.2017.8004894","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004894","url":null,"abstract":"Ransomware techniques have evolved over time with the most resilient attacks making data recovery practically impossible. This has driven countermeasures to shift towards recovery against prevention but in this paper, we model ransomware attacks from an infection vector point of view. We follow the basic infection chain of crypto ransomware and use Bayesian network statistics to infer some of the most common ransomware infection vectors. We also employ the use of attack and sensor nodes to capture uncertainty in the Bayesian network.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127953006","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004903
Emma McMahon, Richard Ryan Williams, Malaka El, S. Samtani, Mark W. Patton, Hsinchun Chen
Internet enabled medical devices offer patients with a level of convenience. In recent years, the healthcare industry has seen a surge in the number of cyber-attacks. Given the potentially fatal impact of a compromised medical device, this study aims to identify vulnerabilities of medical devices. Our approach uses Shodan to obtain a large collection of IP addresses that will be passed through Nessus to verify if any vulnerabilities exist. We determined some devices manufactured by primary vendors such as Omron Corporation, FORA, Roche, and Bionet contain serious vulnerabilities such as Dropbear SSH Server and MS17-010. These allow remote execution of code and authentication bypassing potentially giving attackers control of their systems.
{"title":"Assessing medical device vulnerabilities on the Internet of Things","authors":"Emma McMahon, Richard Ryan Williams, Malaka El, S. Samtani, Mark W. Patton, Hsinchun Chen","doi":"10.1109/ISI.2017.8004903","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004903","url":null,"abstract":"Internet enabled medical devices offer patients with a level of convenience. In recent years, the healthcare industry has seen a surge in the number of cyber-attacks. Given the potentially fatal impact of a compromised medical device, this study aims to identify vulnerabilities of medical devices. Our approach uses Shodan to obtain a large collection of IP addresses that will be passed through Nessus to verify if any vulnerabilities exist. We determined some devices manufactured by primary vendors such as Omron Corporation, FORA, Roche, and Bionet contain serious vulnerabilities such as Dropbear SSH Server and MS17-010. These allow remote execution of code and authentication bypassing potentially giving attackers control of their systems.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122081230","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004897
Hsin-Hsiung Huang, Zijing Wang, Wingyan Chung
Support Vector Machines (SVM) is a widely used technique for classifying high-dimensional data, especially in security and intelligence categorization. However, the performance of SVM can be adversely affected by poorly selected parameter values. Current approaches to SVM parameter selection mainly rely on extensive cross validation or anecdotal information, which can be inefficient and ineffective. In this research, we propose an efficient algorithm called Percentile-SVM (P-SVM) for selecting the parameter pair, (γ, C), of SVM with Gaussian kernels on metric data. P-SVM searches only a handful of percentiles of the squared Euclidean distances of data points to select the best pair of parameter values. To validate the algorithm, we applied P-SVM to categorizing business intelligence factors extracted from 6,859 sentences of 231 online news articles about four major companies in the information technology sector. The results show that P-SVM achieved a significant improvement in precision, recall, F-measure, and AUC over the LibSVM package (with default parameter values) used in WEKA, a widely used data mining software. These findings provide useful implication for relevant research and security informatics applications.
{"title":"Efficient parameter selection for SVM: The case of business intelligence categorization","authors":"Hsin-Hsiung Huang, Zijing Wang, Wingyan Chung","doi":"10.1109/ISI.2017.8004897","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004897","url":null,"abstract":"Support Vector Machines (SVM) is a widely used technique for classifying high-dimensional data, especially in security and intelligence categorization. However, the performance of SVM can be adversely affected by poorly selected parameter values. Current approaches to SVM parameter selection mainly rely on extensive cross validation or anecdotal information, which can be inefficient and ineffective. In this research, we propose an efficient algorithm called Percentile-SVM (P-SVM) for selecting the parameter pair, (γ, C), of SVM with Gaussian kernels on metric data. P-SVM searches only a handful of percentiles of the squared Euclidean distances of data points to select the best pair of parameter values. To validate the algorithm, we applied P-SVM to categorizing business intelligence factors extracted from 6,859 sentences of 231 online news articles about four major companies in the information technology sector. The results show that P-SVM achieved a significant improvement in precision, recall, F-measure, and AUC over the LibSVM package (with default parameter values) used in WEKA, a widely used data mining software. These findings provide useful implication for relevant research and security informatics applications.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134032797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004876
Ravi Barreira, V. Pinheiro, Vasco Furtado
This article describes a framework for semantic annotation of texts that are submitted for forensic analysis, based on Frame Semantics, and a knowledge base of Forensic Frames — FrameFOR. We demonstrate through experimental evaluations that the application of the Semantic Role Labeling (SRL) techniques and Natural Language Processing (NLP) in digital forensic increases the performance of the forensic experts in terms of agility, precision and recall.
{"title":"A framework for digital forensics analysis based on semantic role labeling","authors":"Ravi Barreira, V. Pinheiro, Vasco Furtado","doi":"10.1109/ISI.2017.8004876","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004876","url":null,"abstract":"This article describes a framework for semantic annotation of texts that are submitted for forensic analysis, based on Frame Semantics, and a knowledge base of Forensic Frames — FrameFOR. We demonstrate through experimental evaluations that the application of the Semantic Role Labeling (SRL) techniques and Natural Language Processing (NLP) in digital forensic increases the performance of the forensic experts in terms of agility, precision and recall.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121085008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004871
Ze Li, Duoyong Sun, Kun Cai, Bo Li
Terror operations are carried out by a team of terrorists with their interaction and cooperation. Different tie strengths, such as acquaintances, friends, and family members, influence the construction and reconstruction of the operation team. Understanding the interaction patterns of tie strength might be useful not only for advancing our understanding of terror operations, but ultimately for providing more effective methods of countering terrorist violence. To this end, in this paper, we designed an operation-related social network, and analyzed the tie strength selection and cooperative reconnection in the terror operation networks. We proposed three hypotheses about the tie strengths and had the Al-Qaeda dataset investigated to test the hypotheses. Results demonstrate that the terrorist organization has some different interaction patterns against the ordinary social organizations and the terror operations share similar features with crime events in rational choice. Our analysis reveals that tie strength matters in terror operations and is essentially helpful in making counterterrorism strategies.
{"title":"Tie strength still matters: Investigating interaction patterns of Al-Qaeda network in terror operations","authors":"Ze Li, Duoyong Sun, Kun Cai, Bo Li","doi":"10.1109/ISI.2017.8004871","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004871","url":null,"abstract":"Terror operations are carried out by a team of terrorists with their interaction and cooperation. Different tie strengths, such as acquaintances, friends, and family members, influence the construction and reconstruction of the operation team. Understanding the interaction patterns of tie strength might be useful not only for advancing our understanding of terror operations, but ultimately for providing more effective methods of countering terrorist violence. To this end, in this paper, we designed an operation-related social network, and analyzed the tie strength selection and cooperative reconnection in the terror operation networks. We proposed three hypotheses about the tie strengths and had the Al-Qaeda dataset investigated to test the hypotheses. Results demonstrate that the terrorist organization has some different interaction patterns against the ordinary social organizations and the terror operations share similar features with crime events in rational choice. Our analysis reveals that tie strength matters in terror operations and is essentially helpful in making counterterrorism strategies.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131171410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004875
Tuomo Hiippala
This paper presents a system that uses machine learning to recognize military vehicles in social media images. To do so, the system draws on recent advances in applying deep neural networks to computer vision tasks, while also making extensive use of openly available libraries, models and data. Training a vehicle recognition system over three classes, the paper reports on two experiments that use different architectures and strategies to overcome the challenges of working with limited training data: data augmentation and transfer learning. The results show that transfer learning outperforms data augmentation, achieving an average accuracy of 95.18% using 10-fold cross-validation, while also generalizing well on a separate testing set consisting of social media content.
{"title":"Recognizing military vehicles in social media images using deep learning","authors":"Tuomo Hiippala","doi":"10.1109/ISI.2017.8004875","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004875","url":null,"abstract":"This paper presents a system that uses machine learning to recognize military vehicles in social media images. To do so, the system draws on recent advances in applying deep neural networks to computer vision tasks, while also making extensive use of openly available libraries, models and data. Training a vehicle recognition system over three classes, the paper reports on two experiments that use different architectures and strategies to overcome the challenges of working with limited training data: data augmentation and transfer learning. The results show that transfer learning outperforms data augmentation, achieving an average accuracy of 95.18% using 10-fold cross-validation, while also generalizing well on a separate testing set consisting of social media content.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"239 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132760602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-22DOI: 10.1109/ISI.2017.8004872
Wei Wang, Ming Zhu, Jinlin Wang, Xuewen Zeng, Zhongzhen Yang
Traffic classification plays an important and basic role in network management and cyberspace security. With the widespread use of encryption techniques in network applications, encrypted traffic has recently become a great challenge for the traditional traffic classification methods. In this paper we proposed an end-to-end encrypted traffic classification method with one-dimensional convolution neural networks. This method integrates feature extraction, feature selection and classifier into a unified end-to-end framework, intending to automatically learning nonlinear relationship between raw input and expected output. To the best of our knowledge, it is the first time to apply an end-to-end method to the encrypted traffic classification domain. The method is validated with the public ISCX VPN-nonVPN traffic dataset. Among all of the four experiments, with the best traffic representation and the fine-tuned model, 11 of 12 evaluation metrics of the experiment results outperform the state-of-the-art method, which indicates the effectiveness of the proposed method.
{"title":"End-to-end encrypted traffic classification with one-dimensional convolution neural networks","authors":"Wei Wang, Ming Zhu, Jinlin Wang, Xuewen Zeng, Zhongzhen Yang","doi":"10.1109/ISI.2017.8004872","DOIUrl":"https://doi.org/10.1109/ISI.2017.8004872","url":null,"abstract":"Traffic classification plays an important and basic role in network management and cyberspace security. With the widespread use of encryption techniques in network applications, encrypted traffic has recently become a great challenge for the traditional traffic classification methods. In this paper we proposed an end-to-end encrypted traffic classification method with one-dimensional convolution neural networks. This method integrates feature extraction, feature selection and classifier into a unified end-to-end framework, intending to automatically learning nonlinear relationship between raw input and expected output. To the best of our knowledge, it is the first time to apply an end-to-end method to the encrypted traffic classification domain. The method is validated with the public ISCX VPN-nonVPN traffic dataset. Among all of the four experiments, with the best traffic representation and the fine-tuned model, 11 of 12 evaluation metrics of the experiment results outperform the state-of-the-art method, which indicates the effectiveness of the proposed method.","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125231993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: