{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T18:35:12Z","timestamp":1771698912512,"version":"3.50.1"},"reference-count":44,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T00:00:00Z","timestamp":1625788800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T00:00:00Z","timestamp":1625788800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"name":"the National Key Research and Development Program of China","award":["2020YFB1807503"],"award-info":[{"award-number":["2020YFB1807503"]}]},{"name":"the National Key Research and Development Program of China","award":["2020YFB1807500"],"award-info":[{"award-number":["2020YFB1807500"]}]},{"DOI":"10.13039\/501100011151","name":"Key Laboratory of Computer Network and Information Integration of Ministry of Education","doi-asserted-by":"crossref","award":["Southeast University"],"award-info":[{"award-number":["Southeast University"]}],"id":[{"id":"10.13039\/501100011151","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Peer-to-Peer Netw. Appl."],"published-print":{"date-parts":[[2021,11]]},"DOI":"10.1007\/s12083-021-01214-2","type":"journal-article","created":{"date-parts":[[2021,7,9]],"date-time":"2021-07-09T03:03:31Z","timestamp":1625799811000},"page":"3674-3687","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["SFIM: Identify user behavior based on stable features"],"prefix":"10.1007","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8829-0182","authenticated-orcid":false,"given":"Hua","family":"Wu","sequence":"first","affiliation":[]},{"given":"Qiuyan","family":"Wu","sequence":"additional","affiliation":[]},{"given":"Guang","family":"Cheng","sequence":"additional","affiliation":[]},{"given":"Shuyi","family":"Guo","sequence":"additional","affiliation":[]},{"given":"Xiaoyan","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Shen","family":"Yan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,7,9]]},"reference":[{"issue":"4","key":"1214_CR1","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MNET.011.1900366","volume":"34","author":"M Shen","year":"2020","unstructured":"Shen M, Liu Y, Zhu L, Xu K, Du X, Guizani N (2020) Optimizing feature selection for efficient encrypted traffic classification: A systematic approach. IEEE Netw 34(4):20\u201327","journal-title":"IEEE Netw"},{"key":"1214_CR2","doi-asserted-by":"crossref","unstructured":"Moore AW, Zuev D (2005) Internet traffic classification using bayesian analysis techniques. In: Proceedings of the 2005 ACM SIGMETRICS international conference on measurement and modeling of computer systems, pp 50\u201360","DOI":"10.1145\/1071690.1064220"},{"key":"1214_CR3","doi-asserted-by":"crossref","unstructured":"Anderson B, McGrew D (2017) Machine learning for encrypted malware traffic classification: Accounting for noisy labels and non-stationarity. In: Proceedings of the 23rd ACM SIGKDD international conference on knowledge discovery and data mining, pp 1723\u20131732","DOI":"10.1145\/3097983.3098163"},{"key":"1214_CR4","doi-asserted-by":"crossref","unstructured":"Wang Q, Yahyavi A, Kemme B, He W (2015) I know what you did on your smartphone: Inferring app usage over encrypted data traffi. In: 2015 IEEE Conference on communications and network security (CNS). IEEE, pp 433\u2013441","DOI":"10.1109\/CNS.2015.7346855"},{"key":"1214_CR5","doi-asserted-by":"crossref","unstructured":"Muehlstein J, Zion Y, Bahumi M, Kirshenboim I, Dubin R, Dvir A, Pele O (2017) Analyzing https encrypted traffic to identify user\u2019s operating system, browser and application. In: 2017 14th IEEE annual consumer communications & networking conference (CCNC), IEEE, pp 1\u20136","DOI":"10.1109\/CCNC.2017.8013420"},{"key":"1214_CR6","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1016\/j.knosys.2015.03.002","volume":"82","author":"T Qin","year":"2015","unstructured":"Qin T, Wang L, Liu Z, Guan X (2015) Robust application identification methods for p2p and voip traffic classification in backbone networks. Knowl Based Syst 82:152\u2013162","journal-title":"Knowl Based Syst"},{"key":"1214_CR7","doi-asserted-by":"publisher","first-page":"182065","DOI":"10.1109\/ACCESS.2020.3029190","volume":"8","author":"X Wang","year":"2020","unstructured":"Wang X, Chen S, Su J (2020) Automatic mobile app identification from encrypted traffic with hybrid neural networks. IEEE Access 8:182065\u2013182077","journal-title":"IEEE Access"},{"key":"1214_CR8","doi-asserted-by":"crossref","unstructured":"Tiep M, Deepak A, Alessandra S (2015) Profiling user activities with minimal traffic traces. In: International conference on web engineering, Springer, pp 116\u2013133","DOI":"10.1007\/978-3-319-19890-3_9"},{"key":"1214_CR9","unstructured":"Saltaformaggio B, Choi H, Johnson K, Kwon Y, Zhang Q, Zhang X, Xu D, Qian J (2016) Eavesdropping on fine-grained user activities within smartphone apps over encrypted network traffic. In: 10th {USENIX} workshop on offensive technologies ({WOOT} 16)"},{"key":"1214_CR10","doi-asserted-by":"crossref","unstructured":"Alan HF, Kaur J (2016) Can android applications be identified using only tcp\/ip headers of their launch time traffic?. In: Proceedings of the 9th ACM conference on security & privacy in wireless and mobile networks, ACM, pp 61\u201366","DOI":"10.1145\/2939918.2939929"},{"issue":"9","key":"1214_CR11","doi-asserted-by":"publisher","first-page":"7489","DOI":"10.1007\/s11227-020-03372-1","volume":"76","author":"L Chen","year":"2020","unstructured":"Chen L, Gao S, Liu B, Zhigang L, Zhengwei J (2020) Ths-idpc: A three-stage hierarchical sampling method based on improved density peaks clustering algorithm for encrypted malicious traffic detection. Supercomput 76(9):7489\u20137518","journal-title":"Supercomput"},{"key":"1214_CR12","unstructured":"Miserendino SB, Klein RH, Peters RV, Kaloroumakis PE (2017) System and method for in-situ classifier retraining for malware identification and model heterogeneity, February 2 2017. US Patent App. 15\/176,784"},{"issue":"3","key":"1214_CR13","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1016\/j.comcom.2010.04.007","volume":"34","author":"L Wei","year":"2011","unstructured":"Wei L, Rammidi G, Ghorbani AA (2011) Clustering botnet communication traffic based on n-gram feature selection. Comput Commun 34(3):502\u2013514","journal-title":"Comput Commun"},{"key":"1214_CR14","doi-asserted-by":"crossref","unstructured":"Chen S, Wang R, Wang XF, Zhang K (2010) Side-channel leaks in web applications: A reality today, a challenge tomorrow. In: 2010 IEEE symposium on security and privacy, IEEE, pp 191\u2013206","DOI":"10.1109\/SP.2010.20"},{"key":"1214_CR15","unstructured":"Fielding RT, Taylor RN (2000) Architectural styles and the design of network-based software architectures, 7 University of California, Irvine Doctoral dissertation"},{"key":"1214_CR16","doi-asserted-by":"crossref","unstructured":"Wu H, Wu Q, Cheng G, Guo S (2020) Instagram user behavior identification based on multidimensional features. In: IEEE INFOCOM 2020 - IEEE conference on computer communications workshops (INFOCOM WKSHPS), pp 1111\u20131116","DOI":"10.1109\/INFOCOMWKSHPS50562.2020.9162688"},{"key":"1214_CR17","doi-asserted-by":"crossref","unstructured":"Yoon S-H, Park J-W, Park J-S, Oh Y-S, Kim M-S (2009) Internet application traffic classification using fixed ip-port. In: Asia-pacific network operations and management symposium, Springer, pp 21\u201330","DOI":"10.1007\/978-3-642-04492-2_3"},{"key":"1214_CR18","doi-asserted-by":"crossref","unstructured":"Dharmapurikar S, Krishnamurthy P, Sproull T, Lockwood J (2003) Deep packet inspection using parallel bloom filters. In: 11th Symposium on high performance interconnects, 2003. Proceedings, IEEE, pp 44\u201351","DOI":"10.1109\/CONECT.2003.1231477"},{"key":"1214_CR19","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1016\/j.jnca.2015.04.013","volume":"54","author":"M Najam","year":"2015","unstructured":"Najam M, Younis U, Rasool R (2015) Speculative parallel pattern matching using stride-k dfa for deep packet inspection. J Netw Comput Appl 54:78\u201387","journal-title":"J Netw Comput Appl"},{"key":"1214_CR20","doi-asserted-by":"crossref","unstructured":"Alshammari R, Zincir-Heywood AN (2009) Machine learning based encrypted traffic classification: Identifying ssh and skype. In: 2009 IEEE symposium on computational intelligence for security and defense applications, IEEE, pp 1\u20138","DOI":"10.1109\/CISDA.2009.5356534"},{"key":"1214_CR21","unstructured":"Chang L, Longtao H, Gang X, Zigang C, Zhen L (2019) Fs-net: A flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019-IEEE conference on computer communications, IEEE, pp 1171\u20131179"},{"key":"1214_CR22","doi-asserted-by":"crossref","unstructured":"Pradhan A, Behera S, Dash R (2018) Hybrid rbfn based encrypted ssh traffic classification. In: 2018 5th International conference on signal processing and integrated networks (SPIN), IEEE, pp 264\u2013269","DOI":"10.1109\/SPIN.2018.8474059"},{"key":"1214_CR23","doi-asserted-by":"crossref","unstructured":"Wang W, Zhu M, Wang J, Zeng X, Yang Z (2017) End-to-end encrypted traffic classification with one-dimensional convolution neural networks. In: 2017 IEEE International conference on intelligence and security informatics (ISI), IEEE, pp 43\u201348","DOI":"10.1109\/ISI.2017.8004872"},{"issue":"8","key":"1214_CR24","doi-asserted-by":"publisher","first-page":"1830","DOI":"10.1109\/TIFS.2017.2692682","volume":"12","author":"M Shen","year":"2017","unstructured":"Shen M, Wei M, Zhu L, Wang M (2017) Classification of encrypted traffic with second-order markov chains and application attribute bigrams. IEEE Trans Inf Forens Sec 12(8):1830\u20131843","journal-title":"IEEE Trans Inf Forens Sec"},{"issue":"11","key":"1214_CR25","doi-asserted-by":"publisher","first-page":"2851","DOI":"10.1109\/TMC.2016.2516020","volume":"15","author":"F Yanjie","year":"2016","unstructured":"Yanjie F, Xiong H, Xinjiang L, Yang J, Chen C (2016) Service usage classification with encrypted internet traffic in mobile messaging apps. IEEE Trans Mob Comput 15(11):2851\u20132864","journal-title":"IEEE Trans Mob Comput"},{"issue":"1994","key":"1214_CR26","first-page":"1","volume":"13","author":"D Michie","year":"1994","unstructured":"Michie D, Spiegelhalter DJ, Taylor CC, et al. (1994) Machine learning. Neural and Statistical Classification 13(1994):1\u2013298","journal-title":"Neural and Statistical Classification"},{"key":"1214_CR27","doi-asserted-by":"crossref","unstructured":"Liu C, Cao Z, Li Z, Xiong G (2018) Lafft: Length-aware fft based fingerprinting for encrypted network traffic classification. In: 2018 IEEE Symposium on computers and communications (ISCC) IEEE, pp 1\u20136","DOI":"10.1109\/ISCC.2018.8538732"},{"key":"1214_CR28","unstructured":"Lingjing K, Guowei H, Keke W (2017) Identification of abnormal network traffic using support vector machine. In: 2017 18th International conference on parallel and distributed computing, applications and technologies (PDCAT), IEEE, pp 288\u2013292"},{"issue":"6","key":"1214_CR29","doi-asserted-by":"publisher","first-page":"04016018","DOI":"10.1061\/(ASCE)TE.1943-5436.0000816","volume":"142","author":"B Yu","year":"2016","unstructured":"Yu B, Song X, Guan F, Yang Z, Yao B (2016) k-nearest neighbor model for multiple-time-step prediction of short-term traffic condition. J Transp Eng 142(6):04016018","journal-title":"J Transp Eng"},{"issue":"9","key":"1214_CR30","doi-asserted-by":"publisher","first-page":"2508","DOI":"10.1109\/TKDE.2016.2563436","volume":"28","author":"T Bo","year":"2016","unstructured":"Bo T, Kay S, He H (2016) Toward optimal feature selection in naive bayes for text categorization. IEEE Trans Knowl Data Eng 28(9):2508\u20132521","journal-title":"IEEE Trans Knowl Data Eng"},{"key":"1214_CR31","doi-asserted-by":"crossref","unstructured":"Yan F, Xu M, Qiao T, Wu T, Yang X, Zheng N, Choo K-KR (2018) Identifying wechat red packets and fund transfers via analyzing encrypted network traffic. In: 2018 17th IEEE international conference on trust, security and privacy in computing and communications\/12th IEEE international conference on big data science and engineering (TrustCom\/BigDataSE), IEEE, pp 1426\u20131432","DOI":"10.1109\/TrustCom\/BigDataSE.2018.00198"},{"key":"1214_CR32","doi-asserted-by":"crossref","unstructured":"He G, Bingfeng X, Haiting Z (2017) Identifying mobile applications for encrypted network traffic. In: Fifth international conference on advanced cloud and big data (CBD), IEEE, pp 279\u2013284, p 2017","DOI":"10.1109\/CBD.2017.55"},{"issue":"1","key":"1214_CR33","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TIFS.2015.2478741","volume":"11","author":"M Conti","year":"2016","unstructured":"Conti M, Mancini LV, Spolaor R, Verde NV (2016) Analyzing android encrypted network traffic to identify user actions. IEEE Trans Inf Foren Sec 11(1):114\u2013125","journal-title":"IEEE Trans Inf Foren Sec"},{"key":"1214_CR34","doi-asserted-by":"crossref","unstructured":"Ata S, Iemura Y, Nakamura N, Oka I (2017) Identification of user behavior from flow statistics. In: 2017 19th asia-pacific network operations and management symposium (APNOMS), pp 42\u201347","DOI":"10.1109\/APNOMS.2017.8094176"},{"key":"1214_CR35","doi-asserted-by":"crossref","unstructured":"Li D, Li W, Wang X, Nguyen C, Lu S (2019) Activetracker: Uncovering the trajectory of app activities over encrypted internet traffic streams. In: 2019 16th Annual IEEE international conference on sensing, communication, and networking (SECON), pp 1\u20139","DOI":"10.1109\/SAHCN.2019.8824928"},{"issue":"2","key":"1214_CR36","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MIS.2018.111145120","volume":"33","author":"E Grolman","year":"2018","unstructured":"Grolman E, Finkelshtein A, Puzis R, Shabtai A, Celniker G, Katzir Z, Rosenfeld L (2018) Transfer learning for user action identication in mobile apps via encrypted trafc analysis. IEEE Intell Syst 33(2):40\u201353","journal-title":"IEEE Intell Syst"},{"issue":"11","key":"1214_CR37","doi-asserted-by":"publisher","first-page":"2851","DOI":"10.1109\/TMC.2016.2516020","volume":"15","author":"Y Fu","year":"2016","unstructured":"Fu Y, Xiong H, Lu X, Yang J, Chen C (2016) Service usage classification with encrypted internet traffic in mobile messaging apps. IEEE Trans Mob Comput 15(11):2851\u20132864","journal-title":"IEEE Trans Mob Comput"},{"key":"1214_CR38","doi-asserted-by":"crossref","unstructured":"Liu J, Yanjie F, Ming J, Ren Y, Sun L, Xiong H (2017) Effective and real-time in-app activity analysis in encrypted internet traffic streams. In: Proceedings of the 23rd ACM SIGKDD international conference on knowledge discovery and data mining, pp 335\u2013 344","DOI":"10.1145\/3097983.3098049"},{"issue":"3","key":"1214_CR39","doi-asserted-by":"publisher","first-page":"653","DOI":"10.1109\/LWC.2018.2879514","volume":"8","author":"W Quan","year":"2019","unstructured":"Quan W, Cheng N, Qin M, Zhang H, Chan HA, Shen X (2019) Adaptive transmission control for software defined vehicular networks. IEEE Wireless Commun Lett 8(3):653\u2013656","journal-title":"IEEE Wireless Commun Lett"},{"issue":"8","key":"1214_CR40","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MCOM.2017.1601162","volume":"55","author":"W Quan","year":"2017","unstructured":"Quan W, Liu Y, Zhang H, Yu S (2017) Enhancing crowd collaborations for software defined vehicular networks. IEEE Commun Mag 55(8):80\u201386","journal-title":"IEEE Commun Mag"},{"key":"1214_CR41","doi-asserted-by":"crossref","unstructured":"Liu Y, Feng T, Peng M, Guan J, Wang Y (2020) Dream: Online control mechanisms for data aggregation error minimization in privacy-preserving crowdsensing. In: IEEE Transactions on dependable and secure computing. pp 1\u20131","DOI":"10.1109\/TDSC.2020.3011679"},{"issue":"10","key":"1214_CR42","doi-asserted-by":"publisher","first-page":"8616","DOI":"10.1109\/JIOT.2020.3047105","volume":"8","author":"Y Liu","year":"2020","unstructured":"Liu Y, Wang H, Peng M, Guan J, Wang Y (2020) An incentive mechanism for privacy-preserving crowdsensing via deep reinforcement learning. IEEE Int Things J 8(10):8616\u20138631","journal-title":"IEEE Int Things J"},{"key":"1214_CR43","doi-asserted-by":"crossref","unstructured":"Pautasso C (2014) Restful web services: Principles, patterns, emerging technologies. In: Web services foundations, Springer, pp 31\u201351","DOI":"10.1007\/978-1-4614-7518-7_2"},{"key":"1214_CR44","doi-asserted-by":"crossref","unstructured":"Hou C, Shi J, Kang C, Cao Z, Gang X (2018) Classifying user activities in the encrypted wechat traffic. In: 2018 IEEE 37th International performance computing and communications conference (IPCCC), pp 1\u20138","DOI":"10.1109\/PCCC.2018.8711267"}],"container-title":["Peer-to-Peer Networking and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-021-01214-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s12083-021-01214-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12083-021-01214-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,10,23]],"date-time":"2021-10-23T07:07:28Z","timestamp":1634972848000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s12083-021-01214-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,9]]},"references-count":44,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2021,11]]}},"alternative-id":["1214"],"URL":"https:\/\/doi.org\/10.1007\/s12083-021-01214-2","relation":{},"ISSN":["1936-6442","1936-6450"],"issn-type":[{"value":"1936-6442","type":"print"},{"value":"1936-6450","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,9]]},"assertion":[{"value":"18 January 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 June 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 July 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}