TY  - INPR
JF  - IEEE Communications Surveys & Tutorials
A1  - Feng, Yebo
A1  - Li, Jun
A1  - Mirkovic, Jelena
A1  - Wu, Cong
A1  - Wang, Chong
A1  - Ren, Hao
A1  - Xu, Jiahua
A1  - Liu, Yang
KW  - Network traffic
KW  -  traffic analysis
KW  -  traffic classification
KW  -  traffic monitoring
KW  -  fine-grained traffic analysis
KW  -  intrusion
detection
KW  -  user behavior identification
N2  - Fine-grained traffic analysis (FGTA), as an advanced form of traffic analysis (TA), aims to analyze network traffic to deduce fine-grained information on or above the application layer, such as application-layer activities, fine-grained user behaviors, or message content, even in the presence of traffic encryption or traffic obfuscation. Different from traditional TA, FGTA approaches are usually based on complicated processing pipelines or sophisticated data mining techniques such as deep learning or high-dimensional clustering, enabling them to discover subtle differences between different network traffic groups. Nowadays, with the increasingly complex Internet architecture, the increasingly frequent transmission of user data, and the widespread use of traffic encryption, FGTA is becoming an essential tool for both network administrators and attackers to gain different levels of visibility over the network. It plays a critical role in intrusion and anomaly detection, quality of experience investigation, user activity inference, website fingerprinting, location estimation, etc. To help scholars and developers research and advance this technology, in this survey paper, we examine the literature that deals with FGTA, investigating the frontier developments in this domain. By comprehensively surveying different approaches toward FGTA, we introduce their input traffic data, elaborate on their operating principles by different use cases, indicate their limitations and countermeasures, and raise several promising future research avenues.
ID  - discovery10206661
PB  - Institute of Electrical and Electronics Engineers (IEEE)
UR  - https://doi.org/10.1109/comst.2025.3545541
SN  - 1553-877X
N1  - This version is the author accepted manuscript. For information on re-use, please refer to the publisher?s terms and conditions.
TI  - Unmasking the Internet: A Survey of Fine-Grained Network Traffic Analysis
AV  - public
Y1  - 2025/02/25/
ER  -