Toward Finer Granularity Analysis of Network Traffic

Yebo Feng
Date and time: 
Tue, Mar 15 2022 - 10:30am
Yebo Feng
University of Oregon
  • Jun Li (Chair)
  • Lei Jiao
  • Yingjui Li
  • Thanh Nguyen

Fine-grained traffic analysis (FGTA), as an advanced form of traffic analysis (TA), aims to analyze network traffic to deduce information related to application-layer activities, fine-grained user behaviors, or traffic content, even in the presence of traffic encryption or traffic obfuscation. Different from traditional TA, FGTA approaches are usually based on machine learning or high-dimensional clustering, enabling them to discover subtle differences between different network traffic sets. Nowadays, with the increasingly complex Internet architecture, the increasingly frequent transmission of user data, and the widespread use of traffic encryption, FGTA is becoming an essential tool for both network administrators and attackers to gain different levels of visibility over the network. It plays a critical role in intrusion and anomaly detection, quality of experience investigation, user activity inference, website fingerprinting, location estimation, etc. To help scholars and developers research and advance this technology, in this report, we examine the literature that deals with FGTA, investigating the frontier developments in this domain. By comprehensively surveying different approaches toward FGTA, we introduce their input traffic data, elaborate on their operating principles by different use cases, indicate their limitations and countermeasures, and raise several promising future research avenues.