Title | EZAC: Encrypted Zero-Day Applications Classification Using CNN and K-Means |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Li, Yan, Lu, Yifei, Li, Shuren |
Conference Name | 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD) |
Date Published | May 2021 |
Publisher | IEEE |
ISBN Number | 978-1-7281-6597-4 |
Keywords | CNN, Collaborative Work, composability, Conferences, convolutional neural networks, defense, encrypted traffic, Encryption, k-means, Metrics, pubcrawl, resilience, Resiliency, Traffic classification, Zero day attacks, zero-day application |
Abstract | With the rapid development of traffic encryption technology and the continuous emergence of various network services, the classification of encrypted zero-day applications has become a major challenge in network supervision. More seriously, many attackers will utilize zero-day applications to hide their attack behaviors and make their attacks undetectable. However, there are very few existing studies on zero-day applications. Existing works usually select and label zero-day applications from unlabeled datasets, and this is not true zero-day application classification. To address the classification of zero-day applications, this paper proposes an Encrypted Zero-day Applications Classification (EZAC) method that combines Convolutional Neural Network (CNN) and K-Means, which can effectively classify zero-day applications. We first use CNN to classify the flows, and for the flows that may be zero-day applications, we use K-Means to divide them into several categories, which are then manually labeled. Experimental results show that EZAC achieves 97.4% accuracy on a public dataset (CIC-Darknet2020), which outperforms the state-of-the-art methods. |
URL | https://ieeexplore.ieee.org/document/9437716 |
DOI | 10.1109/CSCWD49262.2021.9437716 |
Citation Key | li_ezac_2021 |