OSF-EIMTC: An open-source framework for standardized encrypted internet traffic classification

Ofek Bader, Adi Lichy, Amit Dvir, Ran Dubin, Chen Hajaj

Research output: Contribution to journalArticlepeer-review

1 Scopus citations

Abstract

Internet traffic classification plays a key role in network visibility, Quality of Services (QoS), intrusion detection, Quality of Experience (QoE) and traffic-trend analyses. In order to improve privacy, integrity, confidentiality, and protocol obfuscation, the current traffic is based on encryption protocols, e.g., SSL/TLS. With the increased use of Machine-Learning (ML) and Deep-Learning (DL) models in the literature, comparison between different models and methods has become cumbersome and difficult due to a lack of a standardized framework. In this paper, we propose an open-source framework, named OSF-EIMTC, which can provide the full pipeline of the learning process and simulation reproducibility. From well-known datasets to extracting new and well-known features, it provides implementations of well-known ML and DL models (from the traffic classification literature) as well as experimental test-beds and their evaluation. By providing a standardized platform, OSF-EIMTC enables repeatable, reproducible, and accurate comparisons of both established and novel features and models. As part of our framework evaluation, we demonstrate the reproducibility of a variety of cases where the framework can be of use, utilizing multiple datasets, models, and feature sets. We show analyses of publicly available datasets and invite the community to participate in our open challenges using OSF-EIMTC, fostering collaborative advancements in encrypted traffic classification.

Original languageEnglish
Pages (from-to)271-284
Number of pages14
JournalComputer Communications
Volume213
DOIs
StatePublished - 1 Jan 2024

Keywords

  • Encrypted traffic
  • Experimental test-bed
  • Framework
  • Machine learning
  • Research platform

Fingerprint

Dive into the research topics of 'OSF-EIMTC: An open-source framework for standardized encrypted internet traffic classification'. Together they form a unique fingerprint.

Cite this