works against adversarial domain name system tunnuling attacks using hybrid neural networks

Network traffic classification is an important function in networking systems, but the lack of labeled data for various network conditions inhibits most of the conventional classification models. The work proposes data-augmentation enhancement for a more efficient network traffic classification. The method generates synthetic data to increase the data set, thereby promoting classifier robustness and accuracy. In particular, we analyze the working of decision trees and stacking classifiers in the context of the enhanced classification. The decision tree classifier is picked mainly due to its interpretability and faster operational training, while the stacking classifier combines several different models to benefit from the complementary strengths of the individual models. This study uses two real-world datasets for evaluation: "TimeBasedFeatures-Dataset-15s-NO-VPN" and "TimeBasedFeatures-Dataset-15s-VPN," which embodies the presence or absence of VPN usage on network traffic. From the same experiment it has been ascertained that the proposed data augmentation enhances the performance of both the classifiers of traffic pattern differentiation particularly when operating under diverse network environments. It is also evident that the proposed method can be used as potential approach to improve traffic classification with high accuracy levels and applicability to real-world scenarios. Keywords: Network security, traffic analysis, and performance evaluation with regards to Network Traffic Classification, Data Augmentation, Decision Tree, Stacking Classifier, VPN Traffic, Time-based Features, Machine Learning.