A time-series classification approach to shallow web traffic de-anonymization


Web traffic analysis and classification has been extensively studied, both with classical and deep learning techniques. Many of these systems analyse the entire packet to perform the classification task. Due to the increase of encrypted traffic in recent years, this approach has become problematic. Moreover, few works focus on the classification of the users themselves, also called web traffic de-anonymization. In the present paper we address this problem by proposing an approach focused on a shallow, temporal analysis of web traffic data packets. We show that it is possible to identify the users of a network just by analyzing their navigation patterns and without accessing the content of the TCP packets. Finally, we propose a comparison between the performance of our approach and a more classical feed forward neural network architecture to showcase the informational power of temporal data in this context.

Proceedings of the Italian Conference on Cybersecurity (ITASEC 2021), All Digital Event, April 7-9, 2021