Skoči na glavni sadržaj

Journal of Information and Organizational Sciences, Vol. 49 No. 2, 2025.

Izvorni znanstveni članak

https://doi.org/10.31341/jios.49.2.5

Bootstrap Forest based method for Encrypted Network Traffic Analysis

Shobana Durairaju orcid id orcid.org/0009-0006-3620-2423 ; School of Computer Science Engineering and Information Systems, Vellore Institute of Technology, Vellore, Tamilnadu, India
Aswani Kumar Cherukuri ; School of Computer Science Engineering and Information Systems, Vellore Institute of Technology, Vellore, Tamilnadu, India

Puni tekst: engleski pdf 479 Kb

str. 235-249

preuzimanja: 107

citiraj

Sažetak

Encrypting communications and data over the Internet becomes essential in ensuring the privacy of communications and protecting the data from increasing threats. Hence, majority of Internet traffic and networked communications are encrypted now. However, encryption also provides a means for attackers to hide them behind encrypted communications and conduct malicious activities. Analyzing the unencrypted communications is relatively easy. The same task is highly challenging due to the presence of encryption in network communication. Conventional network analysis methods fail to analyze encrypted communications. There are methods like flow monitoring that are available to detect encrypted traffic and analyze traffic flow related features. By using traditional analysis methods, we could not achieve accurate detection and classification of encrypted network packets in various types of network traffic such as VoIP, Text, Audio, Video, VPN traffic. In our work, we have proposed the Bootstrap Forest model to analyze and classify encrypted network traffic. Bootstrap Forest model accurately classifies the encrypted network traffic using statistical and time-based features. The performance of the proposed model is evaluated and compared with the performance of other machine learning models under various performance metrics. The three publicly available datasets such as UNSW-NB15, ISCXTor 2016 and ISCXVPN 2016 datasets were used in our experimentations and evaluations. The experimental results show that our proposed model provides the best performance for classifying encrypted network traffic while comparing the F1 score with other methods.

Ključne riječi

Encrypted Network Traffic; Benign Packets; Machine Learning; Network Packets; Network Traffic; Bootstrap Forest

Hrčak ID:

335783

URI

https://hrcak.srce.hr/335783

Datum izdavanja:

17.12.2025.

Posjeta: 917 *