Reinterpreting Usability of Semantic Segmentation Approach for Darknet Traffic Analysis

Thumbnail Image
Files
1s2.0S1389128624003256main.pdf(3.05 MB)
Date
2024-05-20
Authors
Mezina, Anzhelika
Burget, Radim
Ometov, Aleksandr
ORCID
0000-0003-1849-5390
Advisor
Referee
Mark
Journal Title
Journal ISSN
Volume Title
Publisher
ELSEVIER
Altmetrics
Abstract
With a growing number of smart interconnected devices and services, managing and controlling network traffic is getting more complicated. Among the network traffic, the Darknet-related one is particularly interesting, as it is often used for anonymous and illicit activities that pose cyber security threats. Therefore, designing and developing methods for detecting and categorizing Darknet traffic is essential. Applying Deep Learning (DL) is one of the most suitable options in this case. The main reasons are the ability to process a large amount of data and detect the hidden patterns and relationships in these data. This work proposes a DL architecture based on UNet++, which can detect and categorize anonymous traffic. The core idea of this model is semantic segmentation, which can identify meaningful segments that share some common patterns in given data. Hereby, semantic segmentation is postulated as a possible way to investigate Darknet traffic to find some common and related features instead of widely used Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM). According to the results on comparison with other Machine Learning (ML) and DL models, the UNet++ model outperforms the methods with a higher accuracy of 98.19% and 87.27% for Darknet detection and traffic categorization. Our work shows the potential of using UNet++ for network traffic analysis and Darknet traffic detection. We have also demonstrated that more advanced architecture with skip connections and trainable blocks provides more accurate results than pure U -Net, CNN, and other evaluated models.
Description
Keywords
Deep learning, Darknet detection, UNet plus plus, Feature analysis, Traffic classification
Citation
Computer Networks. 2024, vol. 249, issue July 2024, p. 1-17.
https://www.sciencedirect.com/science/article/pii/S1389128624003256
Document type
Peer-reviewed
Document version
Published version
Date of access to the full text
Language of document
en
Study field
Comittee
Date of acceptance
Defence
Result of defence
Document licence
Creative Commons Attribution 4.0 International
http://creativecommons.org/licenses/by/4.0/
DOI
10.1016/j.comnet.2024.110493
URI
https://hdl.handle.net/11012/249487
Collections
Ústav telekomunikací
Citace PRO