Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning

Jinhe Wu; Chenchen Ren; Wei Wang; Endong Tong; Wei Liang; Zuobin Ying; Meng Shen; Liehuang Zhu

doi:10.1007/978-981-95-3477-7_15

Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning

Jinhe Wu
, Chenchen Ren
, Wei Wang
, Endong Tong
, Wei Liang
, Zuobin Ying
, Meng Shen^*
, Liehuang Zhu

^*Corresponding author for this work

School of Cyberspace Science and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42% compared to the SOTA method.

Original language	English
Title of host publication	Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers
Editors	Jianguo Chen, Xiaonan Luo, Yuanlong Yu
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	201-214
Number of pages	14
ISBN (Print)	9789819534760
DOIs	https://doi.org/10.1007/978-981-95-3477-7_15
Publication status	Published - 2026
Event	7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025 - Zhuhai, China Duration: 30 May 2025 → 31 May 2025

Publication series

Name	Communications in Computer and Information Science
Volume	2637 CCIS
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025
Country/Territory	China
City	Zhuhai
Period	30/05/25 → 31/05/25

Keywords

Blockchain
Data Augmentation
Decentralized Applications
Encrypted Traffic Classification
Graph Contrastive Learning

Access to Document

10.1007/978-981-95-3477-7_15

Cite this

Wu, J., Ren, C., Wang, W., Tong, E., Liang, W., Ying, Z., Shen, M., & Zhu, L. (2026). Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning. In J. Chen, X. Luo, & Y. Yu (Eds.), Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers (pp. 201-214). (Communications in Computer and Information Science; Vol. 2637 CCIS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-95-3477-7_15

Wu, Jinhe ; Ren, Chenchen ; Wang, Wei et al. / Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning. Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers. editor / Jianguo Chen ; Xiaonan Luo ; Yuanlong Yu. Springer Science and Business Media Deutschland GmbH, 2026. pp. 201-214 (Communications in Computer and Information Science).

@inproceedings{40ba678397a94bb7b72e485539ce7145,

title = "Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning",

abstract = "Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42\% compared to the SOTA method.",

keywords = "Blockchain, Data Augmentation, Decentralized Applications, Encrypted Traffic Classification, Graph Contrastive Learning",

author = "Jinhe Wu and Chenchen Ren and Wei Wang and Endong Tong and Wei Liang and Zuobin Ying and Meng Shen and Liehuang Zhu",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.; 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025 ; Conference date: 30-05-2025 Through 31-05-2025",

year = "2026",

doi = "10.1007/978-981-95-3477-7\_15",

language = "English",

isbn = "9789819534760",

series = "Communications in Computer and Information Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "201--214",

editor = "Jianguo Chen and Xiaonan Luo and Yuanlong Yu",

booktitle = "Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers",

address = "Germany",

}

Wu, J, Ren, C, Wang, W, Tong, E, Liang, W, Ying, Z, Shen, M & Zhu, L 2026, Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning. in J Chen, X Luo & Y Yu (eds), Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers. Communications in Computer and Information Science, vol. 2637 CCIS, Springer Science and Business Media Deutschland GmbH, pp. 201-214, 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Zhuhai, China, 30/05/25. https://doi.org/10.1007/978-981-95-3477-7_15

Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning. / Wu, Jinhe; Ren, Chenchen; Wang, Wei et al.
Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers. ed. / Jianguo Chen; Xiaonan Luo; Yuanlong Yu. Springer Science and Business Media Deutschland GmbH, 2026. p. 201-214 (Communications in Computer and Information Science; Vol. 2637 CCIS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning

AU - Wu, Jinhe

AU - Ren, Chenchen

AU - Wang, Wei

AU - Tong, Endong

AU - Liang, Wei

AU - Ying, Zuobin

AU - Shen, Meng

AU - Zhu, Liehuang

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.

PY - 2026

Y1 - 2026

N2 - Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42% compared to the SOTA method.

AB - Decentralized applications (DApps) are widely deployed on blockchain platforms like Ethereum. DApp fingerprinting identifies user access to specific DApps by analyzing encrypted network traffic, revealing sensitive information. Since different DApps on the same platform share similar communication interfaces and encryption settings, their traffic is difficult to distinguish. Existing encrypted traffic classification methods often rely on large labeled datasets and perform poorly in few-shot scenarios. In this paper, we propose GraphCLR, which enhances few-shot learning capabilities through data augmentation and contrastive learning. GraphCLR represents traffic as a Traffic Interaction Graph (TIG) and designs three data augmentation strategies, transforming DApp fingerprinting into a graph classification task. Experimental results show that GraphCLR demonstrates stronger generalization ability in few-shot scenarios. Specifically, with only 5 labeled instances per type for fine-tuning, GraphCLR achieves an average accuracy improvement of 24.42% compared to the SOTA method.

KW - Blockchain

KW - Data Augmentation

KW - Decentralized Applications

KW - Encrypted Traffic Classification

KW - Graph Contrastive Learning

UR - https://www.scopus.com/pages/publications/105028089798

U2 - 10.1007/978-981-95-3477-7_15

DO - 10.1007/978-981-95-3477-7_15

M3 - Conference contribution

AN - SCOPUS:105028089798

SN - 9789819534760

T3 - Communications in Computer and Information Science

SP - 201

EP - 214

BT - Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers

A2 - Chen, Jianguo

A2 - Luo, Xiaonan

A2 - Yu, Yuanlong

PB - Springer Science and Business Media Deutschland GmbH

T2 - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025

Y2 - 30 May 2025 through 31 May 2025

ER -

Wu J, Ren C, Wang W, Tong E, Liang W, Ying Z et al. Few-Shot Decentralized Application Identification via Encrypted Traffic Analysis Using Graph Contrastive Learning. In Chen J, Luo X, Yu Y, editors, Blockchain and Trustworthy Systems - 7th International Conference on Blockchain, Artificial Intelligence, and Trustworthy Systems, BlockSys 2025, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2026. p. 201-214. (Communications in Computer and Information Science). doi: 10.1007/978-981-95-3477-7_15