{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T16:31:13Z","timestamp":1756312273348,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031708893"},{"type":"electronic","value":"9783031708909"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-70890-9_9","type":"book-chapter","created":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T09:24:24Z","timestamp":1725528264000},"page":"162-181","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["ProxyKiller: An Anonymous Proxy Traffic Attack Model Based on\u00a0Traffic Behavior Graphs"],"prefix":"10.1007","author":[{"given":"Hongbo","family":"Xu","sequence":"first","affiliation":[]},{"given":"Zhenyu","family":"Cheng","sequence":"additional","affiliation":[]},{"given":"Shuhao","family":"Li","sequence":"additional","affiliation":[]},{"given":"Chenxu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Peishuai","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Jiang","family":"Xie","sequence":"additional","affiliation":[]},{"given":"Qingyun","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,9,6]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Al-Naami, K., et al.: Adaptive encrypted traffic fingerprinting with bi-directional dependence. In: Proceedings of the 32nd Annual Conference on Computer Security Applications (2016)","DOI":"10.1145\/2991079.2991123"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Alice, Bob, Carol, Beznazwy, J., Houmansadr, A.: How China Detects and Blocks Shadowsocks. In: Proceedings of the ACM Internet Measurement Conference, pp. 111\u2013124 (2020)","DOI":"10.1145\/3419394.3423644"},{"key":"9_CR3","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108719","volume":"204","author":"Z Aouini","year":"2022","unstructured":"Aouini, Z., Pek\u00e1r, A.: NFStream: a flexible network data analysis framework. Comput. Networks 204, 108719 (2022)","journal-title":"Comput. Networks"},{"key":"9_CR4","unstructured":"Azab, A., Khasawneh, M.T., Alrabaee, S., Choo, K.K.R., Sarsour, M.: Network traffic classification: techniques, datasets, and challenges. Digit. Commun. Networks (2022)"},{"key":"9_CR5","unstructured":"Breakwa11: ShadowsocksR Project. https:\/\/github.com\/shadowsocksrr. Accessed 12 Sept 2023"},{"key":"9_CR6","first-page":"84110","volume":"9","author":"HY Chen","year":"2021","unstructured":"Chen, H.Y., Lin, T.N.: The challenge of only one flow problem for traffic classification in identity obfuscation. Environments 9, 84110\u201384121 (2021)","journal-title":"Environments"},{"key":"9_CR7","unstructured":"Clowwindy: Shadowsocks Project. https:\/\/github.com\/shadowsocks (2012). Accessed 12 Sept 2023"},{"key":"9_CR8","unstructured":"Community, D.: DataCon Open Dataset - DataCon2021 - Encrypted Proxy Traffic Dataset. https:\/\/datacon.qianxin.com\/opendata\/openpage?resourcesId=10 (2021). Accessed 12 Sept 2023"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Frolov, S., Wampler, J., Wustrow, E.: Detecting Probe-resistant Proxies. In: Network and Distributed System Security Symposium (2020)","DOI":"10.14722\/ndss.2020.23087"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Frolov, S., Wustrow, E.: HTTPT: a probe-resistant proxy. In: 10th USENIX Workshop on Free and Open Communications on the Internet (FOCI 20) (2020)","DOI":"10.14722\/ndss.2020.23087"},{"key":"9_CR11","unstructured":"Gorishniy, Y., Rubachev, I., Khrulkov, V., Babenko, A.: Revisiting Deep Learning Models for Tabular Data. vol. abs\/2106.11959, pp. 18932\u201318943 (2021)"},{"key":"9_CR12","unstructured":"GreaterFire: Trojan-GFW Project. https:\/\/github.com\/trojan-gfw. Accessed 12 Sept 2023"},{"key":"9_CR13","first-page":"507","volume":"35","author":"L Grinsztajn","year":"2022","unstructured":"Grinsztajn, L., Oyallon, E., Varoquaux, G.: Why do tree-based models still outperform deep learning on typical tabular data? Adv. Neural. Inf. Process. Syst. 35, 507\u2013520 (2022)","journal-title":"Adv. Neural. Inf. Process. Syst."},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Gu, Z., Gou, G., Hou, C., Xiong, G., Li, Z.: LFETT2021: A large-scale fine-grained encrypted tunnel traffic dataset. In: 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 240\u2013249 (2021)","DOI":"10.1109\/TrustCom53373.2021.00048"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Hou, Z., Liu, X., Cen, Y., Dong, Y., Yang, H., Wang, C., Tang, J.: GraphMAE: self-supervised masked graph autoencoders. In: Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining, pp. 594\u2013604 (2022)","DOI":"10.1145\/3534678.3539321"},{"key":"9_CR16","unstructured":"Kipf, T., Welling, M.: Semi-supervised classification with graph convolutional networks. ArXiv abs\/1609.02907 (2016)"},{"key":"9_CR17","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103000","volume":"124","author":"A Lichy","year":"2022","unstructured":"Lichy, A., Bader, O., Dubin, R., Dvir, A., Hajaj, C.: When a RF Beats a CNN and GRU, together - a comparison of deep learning and classical machine learning approaches for encrypted malware traffic classification. Comput. Secur. 124, 103000 (2022)","journal-title":"Comput. Secur."},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: FS-Net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, pp. 1171\u20131179 (2019)","DOI":"10.1109\/INFOCOM.2019.8737507"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Panchenko, A., et al.: Website fingerprinting at internet scale. In: Network and Distributed System Security Symposium (2016)","DOI":"10.14722\/ndss.2016.23477"},{"key":"9_CR20","unstructured":"Raymond, V.: Project V. https:\/\/github.com\/v2ray. Accessed 12 Sept 2023"},{"key":"9_CR21","unstructured":"Salesforce: JA3: A method for fingerprinting SSL clients (2024). https:\/\/github.com\/salesforce\/ja3. Accessed 17 Apr 2024"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Shadowsocks-NET: Shadowsocks 2022 Edition. https:\/\/github.com\/Shadowsocks-NET\/shadowsocks-specs\/blob\/main\/2022-1-shadowsocks-2022-edition.md (2022). Accessed 17 Apr 2024","DOI":"10.1155\/2022\/4862571"},{"key":"9_CR23","doi-asserted-by":"publisher","first-page":"2367","DOI":"10.1109\/TIFS.2021.3050608","volume":"16","author":"M Shen","year":"2021","unstructured":"Shen, M., Zhang, J., Zhu, L., Xu, K., Du, X.: Accurate decentralized application identification via encrypted traffic analysis using graph neural networks. IEEE Trans. Inf. Forensics Secur. 16, 2367\u20132380 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"9_CR24","unstructured":"Velickovic, P., Cucurull, G., Casanova, A., Romero, A., Lio\u2019, P., Bengio, Y.: Graph attention networks. ArXiv abs\/1710.10903 (2017)"},{"key":"9_CR25","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108659","volume":"203","author":"S Wang","year":"2021","unstructured":"Wang, S., Yang, C., Guo, G., Chen, M., Ma, J.: SSAPPIDENTIFY: a robust system identifies application over Shadowsocks\u2019s traffic. Comput. Networks 203, 108659 (2021)","journal-title":"Comput. Networks"},{"key":"9_CR26","unstructured":"Wu, M.L., et al.: How the great firewall of china detects and blocks fully encrypted traffic. In: USENIX Security Symposium (2023)"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Xie, J., Li, S., chun Yun, X., Zhang, Y., Chang, P.: HSTF-Model: an HTTP-based Trojan detection model via the Hierarchical Spatio-temporal Features of Traffics. Comput. Secur. 96, 101923 (2020)","DOI":"10.1016\/j.cose.2020.101923"},{"key":"9_CR28","unstructured":"Xu, K., Hu, W., Leskovec, J., Jegelka, S.: How powerful are graph neural networks? Abs\/1810.00826 (2019)"},{"key":"9_CR29","unstructured":"Xue, D., Kallitsis, M., Houmansadr, A., Ensafi, R.: Fingerprinting Obfuscated Proxy Traffic with Encapsulated TLS Handshakes (2024)"},{"key":"9_CR30","doi-asserted-by":"crossref","unstructured":"Zhao, P., Gou, G., Liu, C., Guan, Y., Cui, M., Xiong, G.: TMT-RF: tunnel mixed traffic classification based on random forest. In: Security and Privacy in Communication Networks (2021)","DOI":"10.1007\/978-3-030-90019-9_21"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-70890-9_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T09:26:25Z","timestamp":1725528385000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-70890-9_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031708893","9783031708909"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-70890-9_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"6 September 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bydgoszcz","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 September 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2024.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}