FlowCorrGCN: Enhancing Flow Correlation Through Graph Convolutional Networks and Triplet Networks

Anonymous network tracing is a significant research subject in the field of network security, and flow correlation technology serves as a fundamental technique for deanonymizing network traffic. Existing flow correlation techniques are considered ineffective and unreliable when applied on a large sc...

Full description

Saved in:
Bibliographic Details
Published inInternational journal of intelligent systems Vol. 2024; no. 1
Main Authors Zhai, Jiangtao, Zhang, Kaijie, Zeng, Xiaolong, Meng, Yufei, Liu, Guangjie
Format Journal Article
LanguageEnglish
Published New York John Wiley & Sons, Inc 01.01.2024
Subjects
Accuracy
Algorithms
Artificial neural networks
Communication
Communications traffic
Correlation
Correlation analysis
Data encryption
Deep learning
Feature extraction
Flow mapping
Graph neural networks
Graph representations
Graphical representations
Methods
Neural networks
Privacy
Topology
Traffic flow
Online AccessGet full text

Cover

More Information
Summary:Anonymous network tracing is a significant research subject in the field of network security, and flow correlation technology serves as a fundamental technique for deanonymizing network traffic. Existing flow correlation techniques are considered ineffective and unreliable when applied on a large scale because they exhibit high false‐positive rates or require impractically long periods of traffic observation to achieve reliable correlations. To address this issue, this paper proposed an innovative flow correlation approach for the typical and most widely used Tor anonymous network by combining graph convolutional neural networks with triplet networks. Our proposed method involves extracting features such as packet intervals, packet lengths, and directions from Tor network traffic and encoding each flow into a graph representation. The integration of triplet networks enhances the internode relationships, which can effectively fuse flow representations with node associations. The graph convolutional neural network extracts features from the input graph topology, mapping them to distinct representations in the embedding space, thus effectively distinguishing different Tor flows. Experimental results demonstrate that with a false‐positive rate as low as 0.1%, the correlation accuracy reaches 86.4%, showcasing a 5.1% accuracy improvement compared to the existing state‐of‐the‐art methods.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0884-8173
1098-111X
DOI:10.1155/2024/8823511