Abstract
Traffic detection has attracted much attention in recent years, playing an essential role in intrusion detection systems (IDS). This paper proposes a new approach for traffic detection at the packet level, inspired by natural language processing (NLP), using simple contrastive learning of sentence embeddings (SimCSE) as an embedding model. The new approach can learn the features of traffic from raw packet data. Experiments were conducted on two well-known datasets to evaluate our approach. For detecting malicious activity, our model achieved an accuracy of 99.99% on the USTC-TFC2016 dataset, whereas for detecting virtual private network (VPN) activity, our model achieved an accuracy of 99.98% on the ISCXVPN2016 dataset. Furthermore, the resulting model was found to be robust based on zero-day attack detection, which shows the model's ability to detect attacks that have not been seen before. Experiments show that our approach can effectively detect network traffic and outperforms many other state-of-the-art methods.
Original language | English |
---|---|
Pages (from-to) | 56952-56960 |
Number of pages | 9 |
Journal | IEEE Access |
Volume | 10 |
DOIs | |
State | Published - 2022 |
Keywords
- Cyber security
- Network traffic
- Packet capture
- SimCSE
- Word2vec
All Science Journal Classification (ASJC) codes
- General Engineering
- General Computer Science
- Electrical and Electronic Engineering
- General Materials Science