Encrypted Traffic Classification

AI-powered methods for classifying and analyzing encrypted network traffic

Encrypted Traffic Classification

AI-powered methods for classifying and analyzing encrypted network traffic

Over 90% of internet traffic is now encrypted. While encryption protects privacy, it also makes traditional network monitoring impossible. We develop AI systems that classify encrypted traffic without breaking encryption—enabling network security and management while preserving user privacy.

Key Challenges

Modern encryption protocols (TLS 1.3, ESNI, DoH, HTTP/3) hide traffic characteristics completely. Network operators need to identify traffic types for security monitoring, quality of service, and capacity planning, but cannot compromise encryption or user privacy.

Our Approach

Generative AI for Data Synthesis

Using GANs to create realistic encrypted traffic datasets. Addresses data scarcity in encrypted traffic research.

Post-Quantum Traffic Classification

First system (PQClass) to classify traffic encrypted with post-quantum algorithms. Prepares networks for quantum-resistant cryptography.

Spectral Analysis

Frequency-domain analysis identifies application patterns in encrypted communications without decryption.

Advanced Data Augmentation

Novel techniques that improve model performance across diverse network conditions.

Zero-Day Detection

SimCSE-based contrastive learning detects previously unseen attack patterns in encrypted traffic.

Impact

Our methods achieve high accuracy while fully respecting encryption and privacy. Applications include real-time threat detection, network optimization, and the world's first post-quantum traffic classification system.

Related Publications

2026

  1. Quality of Experience Prediction for First Person Shooter Online Gaming: The Case Study of Call of Duty
    2026
    Yehonatan Zion, Eyal Paz, Ran Dubin, Amit Dvir, and Chen Hajaj
    Proceedings of the IEEE Consumer Communications & Networking Conference (CCNC 2026)

2025

  1. Enhancing Encrypted Internet Traffic Classification Through Advanced Data Augmentation Techniques
    2025
    Yehonatan Zion, Porat Aharon, Ran Dubin, Amit Dvir, and Chen Hajaj
    Proceedings of the IEEE International Conference on Communications
  2. PQClass: Classification of Post-Quantum Encryption Applications in Internet Traffic
    2025
    Angelos Marnerides, Chen Hajaj, Revital Marbel, Ran Dubin, and Amit Dvir
    Proceedings of the IEEE International Conference on Communications
  3. A Classification-by-Retrieval Framework for Few-Shot Anomaly Detection to Detect API Injection
    2025
    Udi Aharon, Ran Dubin, Amit Dvir, and Chen Hajaj
    Computers & Security

2024

  1. The Art of Time-Bending: Data Augmentation and Early Prediction for Efficient Traffic Classification
    2024
    Chen Hajaj, Porat Aharon, Ran Dubin, and Amit Dvir
    Expert Systems with Applications
  2. CBR–Boosting Adaptive Classification By Retrieval of Encrypted Network Traffic with Out-of-Distribution
    2024
    Amir Lukach, Ran Dubin, Amit Dvir, and Chen Hajaj
    arXiv preprint arXiv:2403.11206
  3. Enhancing Encrypted Internet Traffic Classification Through Advanced Data Augmentation Techniques
    2024
    Yehonatan Zion, Porat Aharon, Ran Dubin, Amit Dvir, and Chen Hajaj
    arXiv preprint arXiv:2407.16539
  4. OSF-EIMTC: An Open-Source Framework for Standardized Encrypted Internet Traffic Classification
    2024
    Ofek Bader, Adi Lichy, Amit Dvir, Ran Dubin, and Chen Hajaj
    Computer Communications
  5. Hidden in Time, Revealed in Frequency: Spectral Features and Multiresolution Analysis for Encrypted Internet Traffic Classification
    2024
    Nathan Dillbary, Roi Yozevitch, Amit Dvir, Ran Dubin, and Chen Hajaj
    2024 IEEE 21st Consumer Communications & Networking Conference (CCNC)
  6. Revolutionizing Our Way to Better Classifiers: Leveraging Synthetic Data with Generative Models for Encrypted Network Traffic Classification
    2024
    Yehonatan Zion, Chen Hajaj, Amit Dvir, Gil Ben-Artzi, Shahar Mahpod, and Ran Dubin
    Available at SSRN 4654236

2023

  1. When a RF Beats a CNN and GRU, Together—A Comparison of Deep Learning and Classical Machine Learning Approaches for Encrypted Malware Traffic Classification
    2023
    Adi Lichy, Ofek Bader, Ran Dubin, Amit Dvir, and Chen Hajaj
    Computers & Security

2022

  1. SimCSE for Encrypted Traffic Detection and Zero-Day Attack Detection
    2022
    Rotem Bar, and Chen Hajaj
    IEEE Access
  2. MalDIST: From Encrypted Traffic Classification to Malware Traffic Detection and Classification
    2022
    Ofek Bader, Adi Lichy, Chen Hajaj, Ran Dubin, and Amit Dvir
    2022 IEEE 19th annual consumer communications & networking conference (CCNC)

2021

  1. PCL: Packet Classification with Limited Knowledge
    2021
    Vitalii Demianiuk, Chen Hajaj, and Kirill Kogan
    IEEE INFOCOM 2021-IEEE Conference on Computer Communications

2020

  1. Encrypted Video Traffic Clustering Demystified
    2020
    Amit Dvir, Angelos K Marnerides, Ran Dubin, Nehor Golan, and Chen Hajaj
    Computers & Security
  2. Robust Machine Learning for Encrypted Traffic Classification
    2020
    Jonathan Muehlstein, Yehonatan Zion, Ofir Pele, Chen Hajaj, Ran Dubin, and Amit Dvir
    CoRR

2016

  1. Robust Machine Learning for Encrypted Traffic Classification
    2016
    Amit Dvir, Yehonatan Zion, Jonathan Muehlstein, Ofir Pele, Chen Hajaj, and Ran Dubin
    arXiv preprint arXiv:1603.04865