Encrypted Traffic Classification

AI-powered classification of encrypted network traffic — enabling security monitoring and QoS management without compromising encryption or user privacy.

Encrypted Traffic Classification

Encrypted Traffic Classification

AI that classifies encrypted network traffic for security and QoS — without breaking encryption or compromising privacy.

Over 90% of internet traffic is now encrypted. While encryption protects privacy, it makes traditional network monitoring impossible. We build AI systems that classify and analyze encrypted traffic without decryption — enabling security, quality of service, and compliance while preserving user privacy.

Key Contributions

  • PQClass: Post-Quantum Traffic Classification — The first system to classify traffic encrypted with post-quantum algorithms (CRYSTALS-Kyber, NTRU), ensuring network visibility during the quantum cryptography transition.
  • GAN-Based Data Synthesis — Generative adversarial networks that produce realistic encrypted traffic datasets, addressing the scarcity of shareable labeled data in this domain.
  • Spectral Analysis for Protocol Identification — Frequency-domain analysis of packet inter-arrival times and sizes reveals application fingerprints inside TLS 1.3 and ESNI without any payload inspection.
  • Zero-Day Attack Detection — SimCSE-based contrastive learning builds traffic representations that generalize to unseen attack patterns without retraining on labeled attack data.

Impact

Our methods are validated on real-world datasets from commercial ISPs and academic network captures. Applications include real-time threat detection in enterprise networks, QoE optimization for streaming services, and network capacity planning — all with full encryption preserved.

Related Publications

2026

  1. Quality of Experience Prediction for First Person Shooter Online Gaming: The Case Study of Call of Duty
    2026
    Yehonatan Zion, Eyal Paz, Ran Dubin, Amit Dvir, and Chen Hajaj
    Proceedings of the IEEE Consumer Communications & Networking Conference (CCNC 2026)

2025

  1. Enhancing Encrypted Internet Traffic Classification Through Advanced Data Augmentation Techniques
    2025
    Yehonatan Zion, Porat Aharon, Ran Dubin, Amit Dvir, and Chen Hajaj
    Proceedings of the IEEE International Conference on Communications
  2. PQClass: Classification of Post-Quantum Encryption Applications in Internet Traffic
    2025
    Angelos Marnerides, Chen Hajaj, Revital Marbel, Ran Dubin, and Amit Dvir
    Proceedings of the IEEE International Conference on Communications
  3. A Classification-by-Retrieval Framework for Few-Shot Anomaly Detection to Detect API Injection
    2025
    Udi Aharon, Ran Dubin, Amit Dvir, and Chen Hajaj
    Computers & Security

2024

  1. The Art of Time-Bending: Data Augmentation and Early Prediction for Efficient Traffic Classification
    2024
    Chen Hajaj, Porat Aharon, Ran Dubin, and Amit Dvir
    Expert Systems with Applications
  2. CBR–Boosting Adaptive Classification By Retrieval of Encrypted Network Traffic with Out-of-Distribution
    2024
    Amir Lukach, Ran Dubin, Amit Dvir, and Chen Hajaj
    arXiv preprint arXiv:2403.11206
  3. OSF-EIMTC: An Open-Source Framework for Standardized Encrypted Internet Traffic Classification
    2024
    Ofek Bader, Adi Lichy, Amit Dvir, Ran Dubin, and Chen Hajaj
    Computer Communications
  4. Hidden in Time, Revealed in Frequency: Spectral Features and Multiresolution Analysis for Encrypted Internet Traffic Classification
    2024
    Nathan Dillbary, Roi Yozevitch, Amit Dvir, Ran Dubin, and Chen Hajaj
    2024 IEEE 21st Consumer Communications & Networking Conference (CCNC)
  5. Revolutionizing Our Way to Better Classifiers: Leveraging Synthetic Data with Generative Models for Encrypted Network Traffic Classification
    2024
    Yehonatan Zion, Chen Hajaj, Amit Dvir, Gil Ben-Artzi, Shahar Mahpod, and Ran Dubin
    Available at SSRN 4654236

2023

  1. When a RF Beats a CNN and GRU, Together—A Comparison of Deep Learning and Classical Machine Learning Approaches for Encrypted Malware Traffic Classification
    2023
    Adi Lichy, Ofek Bader, Ran Dubin, Amit Dvir, and Chen Hajaj
    Computers & Security

2022

  1. SimCSE for Encrypted Traffic Detection and Zero-Day Attack Detection
    2022
    Rotem Bar, and Chen Hajaj
    IEEE Access
  2. MalDIST: From Encrypted Traffic Classification to Malware Traffic Detection and Classification
    2022
    Ofek Bader, Adi Lichy, Chen Hajaj, Ran Dubin, and Amit Dvir
    2022 IEEE 19th annual consumer communications & networking conference (CCNC)

2021

  1. PCL: Packet Classification with Limited Knowledge
    2021
    Vitalii Demianiuk, Chen Hajaj, and Kirill Kogan
    IEEE INFOCOM 2021-IEEE Conference on Computer Communications

2020

  1. Encrypted Video Traffic Clustering Demystified
    2020
    Amit Dvir, Angelos K Marnerides, Ran Dubin, Nehor Golan, and Chen Hajaj
    Computers & Security
  2. Robust Machine Learning for Encrypted Traffic Classification
    2020
    Jonathan Muehlstein, Yehonatan Zion, Ofir Pele, Chen Hajaj, Ran Dubin, and Amit Dvir
    CoRR