The growing prevalence of encrypted malicious network traffic poses significant challenges for cybersecurity, as it conceals the content from traditional detection methods. Temporal convolutional networks (TCNs) present promising capabilities for extracting complex temporal features and patterns from the dynamic traffic flow data. However, the unidirectional nature of traditional TCNs limits their effectiveness in capturing the full context of network traffic, which often exhibits bidirectional temporal dependencies. Consequently, a few studies have proposed bidirectional TCN (BiTCN) architectures to address the limitations. However, these methods present complex architectures that require a significant amount of parameters to be learned, which imposes high memory requirements on the computational resources for training such models. In this study, we introduce the efficient bidirectional TCN (eBiTCN) model, an efficient BiTCN that requires fewer parameters yet not at the expense of computational cost and effective detection. The eBiTCN framework combines a bidirectional processor, a lightweight gating mechanism, temporal attention, dropout, a novel loss function, and dense layers. Extensive experiments show that eBiTCN outperforms eight state-of-the-art competing models in terms of detection efficacy, speed, and scalability. The eBiTCN model showcased robust performance in detecting evolving attacks and excelled across various real-world datasets. Its efficiency in training speed and reduced memory usage translates to lower infrastructure costs, making it an accessible and effective choice for deployment. These findings highlight eBiTCN’s practicality and dependability in addressing contemporary network security needs.
El-MaghrabyRTAbd ElazimNMBahaa-EldinAM. A survey on deep packet inspection. In: 2017 12th International conference on computer engineering and systems (ICCES), 2017, pp.188–197. DOI:10.1109/ICCES.2017.8275301.
2.
ChenJSongLCaiS, et al.TLS-MHAA: an efficient detection model for encrypted malicious traffic based on multi-head self-attention mechanism. ACM Trans Priv Secur2023c; 26: 1–21.
XieRWangYCaoJ, et al.Rosetta: enabling robust tls encrypted traffic classification in diverse network environments with tcp-aware traffic augmentation. In: Proceedings of the ACM turing award celebration conference - China 2023, 2023, ACM TURC ’23, pp.131–132, New York, NY, USA. Association for Computing Machinery.
5.
ElmaghrabyRTAbdel AziemNMSobhMA, et al.Encrypted network traffic classification based on machine learning. Ain Shams Eng J2024; 15: 102361.
6.
PapadogiannakiEIoannidisS. A survey on encrypted network traffic analysis applications, techniques, and countermeasures. ACM Comput Surv2021; 54: 33.
7.
SongYLuktarhanNShiZ, et al.TGA: a novel network intrusion detection method based on TCN, Bigru and attention mechanism. Electronics2023; 12: 2849.
8.
CaoJXieRSunK, et al.When match fields do not need to match: buffered packets hijacking in SDN. Proc. of the Network and Distributed System Security Symposium (NDSS’20), 2020, DOI: 10.14722/ndss.2020.23040. https://par.nsf.gov/biblio/10172419.
9.
CaiSXuHLiuM, et al.A malicious network traffic detection model based on bidirectional temporal convolutional network with multi-head self-attention mechanism. Comput Sec2024; 136: 103580.
10.
ChenJLvTCaiS, et al.A novel detection model for abnormal network traffic based on bidirectional temporal convolutional network. Inf Softw Technol2023b; 157: 107166.
11.
XinLZiangLYingliZ, et al.Tcn enhanced novel malicious traffic detection for IOT devices. Conn Sci2022; 34: 1322–1341.
12.
HeXCaoJWangS, et al.AUTER: automatically tuning multi-layer network buffers in long-distance shadowsocks networks. In: IEEE INFOCOM 2022 - IEEE conference on computer communications, 2022, pp.1689–1698. DOI: 10.1109/INFOCOM48880.2022.9796882.
13.
SprangersOSchelterSde RijkeM. Parameter-efficient deep probabilistic forecasting. Int J Forecast2023; 39: 332–345.
14.
YangZCaoJLiuZ, et al.Good learning, bad performance: a novel attack against RL-based congestion control systems. IEEE Trans Inf Forens Sec2022; 17: 1069–1082.
15.
WangZFokKWThingVL. Machine learning for encrypted malicious traffic detection: approaches, datasets and comparative study. Comput Sec2022; 113: 102542.
16.
ChenYKangYChenY, et al.Probabilistic forecasting with temporal convolutional neural network. Neurocomputing2020; 399: 491–501.
17.
ZhuMYeKWangY, et al.A deep learning approach for network anomaly detection based on AMF-LSTM. In: Network and parallel computing: 15th IFIP WG 10.3 international conference, NPC 2018, Muroran, Japan, November 29–December 1, 2018, Proceedings 15, 2018, pp.137–141. Springer.
18.
LopesOZouIAbdulqadderD, et al.Network intrusion detection based on the temporal convolutional model. Comput Sec2023; 135: 103465.
19.
MehtaAYangW. NAC-TCN: temporal convolutional networks with causal dilated neighborhood attention for emotion understanding. In: Proceedings of the 2023 7th international conference on video and image processing, 2024, ICVIP ’23, pp.9–16, New York, NY, USA. Association for Computing Machinery.
20.
LinPYeKHuY, et al.A novel multimodal deep learning framework for encrypted traffic classification. IEEE ACM Trans Netw2023; 31: 1369–1384.
21.
HuangCWangRZhaoJ, et al.Malicious network traffic detection method based on traffic behavior characteristics and machine learning. In: 2023 IEEE 6th International conference on automation, electronics and electrical engineering (AUTEEE), 2023, pp.167–172. DOI: 10.1109/AUTEEE60196.2023.10407590.
22.
TangBHDengSYWuCP, et al.Research on malicious traffic detection methods based on deep learning. In: 2021 4th International conference on pattern recognition and artificial intelligence (PRAI), 2021, pp.469–475.
23.
ChenJYinSCaiS, et al.An efficient network intrusion detection model based on temporal convolutional networks. In: 2021 IEEE 21st International conference on software quality, reliability and security (QRS), 2021, pp.768–775. DOI: 10.1109/QRS54544.2021.00086.
24.
OwohNRileyJAshawaM, et al.An adaptive temporal convolutional network autoencoder for malicious data detection in mobile crowd sensing. Sensors2024; 24: 2353.
25.
LiuXZiangLZhangY, et al.TCN enhanced novel malicious traffic detection for IOT devices. Conn Sci2022; 34: 1322–1341.
26.
YilingLXiyongZ. Network abnormal traffic detection model based on CNN-bibasru-at. Microelect Comput2024; 41: 93–99.
27.
ChenJLinWCaiS, et al.Bitcn_drsn: an effective software vulnerability detection model based on an improved temporal convolutional network. J Syst Software2023a; 204: 111772.
28.
WangYYangKLiH. Industrial time-series modeling via adapted receptive field temporal convolution networks integrating regularly updated multi-region operations based on PCA. Chem Eng Sci2020; 228: 115956.
29.
GaoR. Rethinking dilated convolution for real-time semantic segmentation. In: 2023 IEEE/CVF conference on computer vision and pattern recognition workshops (CVPRW), 2023, pp.4675–4684. DOI: 10.1109/CVPRW59228.2023.00493.
30.
HendrycksDGimpelK. Gaussian error linear units (GELUs), 2023.
31.
BaiSKolterJZKoltunV. An empirical evaluation of generic convolutional and recurrent networks for sequence modeling. CoRR, 2018, abs/1803.01271, http://arxiv.org/abs/1803.01271.
32.
KhanSHAlahmadiTJUllahW, et al.A new deep boosted CNN and ensemble learning based IOT malware detection. Comput Sec2023; 133: 103385.
XuSChengYGuK, et al.Jointly attentive spatial-temporal pooling networks for video-based person re-identification. In: 2017 IEEE International conference on computer vision (ICCV), 2017, pp.4743–4752, Los Alamitos, CA, USA. IEEE Computer Society.
35.
SharafaldinILashkariAHGhorbaniAA. Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: International conference on information systems security and privacy, 2018, https://api.semanticscholar.org/CorpusID:4707749.
WangWZhuMZengX, et al.Malware traffic classification using convolutional neural network for representation learning. In: 2017 International conference on information networking (ICOIN), 2017, pp.712–717. DOI: 10.1109/ICOIN.2017.7899588.
38.
LiuX. An abnormal network traffic detection method on mawilab dataset based on convolutional neural network. In: 2022 IEEE 2nd International conference on electronic technology, communication and information (ICETCI), 2022, pp.1233–1235.
39.
Draper-GilGLashkariAHMamunMSI, et al.Characterization of encrypted and vpn traffic using time-related features. In: International conference on information systems security and privacy, 2016, https://api.semanticscholar.org/CorpusID:21535780.
40.
ChenJXieHCaiS, et al.GCN-MHSA: a novel malicious traffic detection method based on graph convolutional neural network and multi-head self-attention mechanism. Comput Sec2024; 147: 104083.
41.
AnithaTAanjankumarSPoonkuntranS, et al.A novel methodology for malicious traffic detection in smart devices using BI-ISTM–CNN-dependent deep learning methodology. Neural Comput Appl2023; 35: 20319–20338.
42.
AndresiniGAppiceAMalerbaD. Nearest cluster-based intrusion detection through convolutional neural networks. Knowl Based Syst2021; 216: 106798.
43.
García-MartínERodriguesCFRileyG, et al.Estimation of energy consumption in machine learning. J Parallel Distrib Comput2019; 134: 75–88.
LiSJinXXuanY, et al.Enhancing the locality and breaking the memory bottleneck of transformer on time series forecasting. NY, USA: Curran Associates Inc., Red Hook, 2019.
