MetaRockETC: Adaptive Encrypted Traffic Classification in Complex Network Environments via Time Series Analysis and Meta-Learning

Encrypted Traffic Classification (ETC) is crucial for network security management and Quality of Service (QoS) improvement. There have been many attempts to tackle various ETC tasks, however, which generally suffer from task dependency and limited adaptability, falling short of meeting practical requirements. Under the realistic assumptions of complex network environments, diverse encryption techniques and ever-changing application landscapes coexist. It is highly desirable to learn the generic encrypted traffic representations to investigate the common knowledge across different ETC tasks and rapidly adapt to the dynamic shifts. To fill the gap, we propose MetaRockETC, a generic encrypted traffic classification framework, which extracts protocol-agnostic features to learn the common knowledge and rapidly adapt to novel ETC tasks and evolving network environments. In MetaRockETC, we first model packet length sequences of encrypted sessions as multivariate time series and perform random convolution kernel transformations to summarize discriminatory behavioral patterns across channels. By integrating MetaRockETC into an advanced Model-Agnostic Meta-Learning (MAML) framework, we learn a task-adaptive loss function to facilitate better generalization and transferability across diverse ETC tasks. Extensive experimental results demonstrate the superiority of MetaRockETC in both across-task and few-shot scenarios, highlighting its potential to provide a practical solution for encrypted traffic classification in real-world scenarios.