TrafficMoE: Heterogeneity-aware Mixture of Experts for Encrypted Traffic Classification
arXiv:2603.29520v1 Announce Type: new Abstract: Encrypted traffic classification is a critical task for network security. While deep learning has advanced this field, the occlusion of payload semantics by encryption severely challenges standard modeling approaches. Most existing frameworks rely on static and homogeneous pipelines that apply uniform parameter sharing and static fusion strategies across all inputs. This one-size-fits-all static design is inherently flawed: by forcing structured headers and randomized payloads into a unified processing pipeline, it inevitably entangles the raw protocol signals with stochastic encryption noise, thereby degrading the fine-grained discriminative features. In this paper, we propose TrafficMoE, a framework that breaks through the bottleneck of sta
View PDF HTML (experimental)
Abstract:Encrypted traffic classification is a critical task for network security. While deep learning has advanced this field, the occlusion of payload semantics by encryption severely challenges standard modeling approaches. Most existing frameworks rely on static and homogeneous pipelines that apply uniform parameter sharing and static fusion strategies across all inputs. This one-size-fits-all static design is inherently flawed: by forcing structured headers and randomized payloads into a unified processing pipeline, it inevitably entangles the raw protocol signals with stochastic encryption noise, thereby degrading the fine-grained discriminative features. In this paper, we propose TrafficMoE, a framework that breaks through the bottleneck of static modeling by establishing a Disentangle-Filter-Aggregate (DFA) paradigm. Specifically, to resolve the structural between-components conflict, the architecture disentangles headers and payloads using dual-branch sparse Mixture-of-Experts (MoE), enabling modality-specific modeling. To mitigate the impact of stochastic noise, an uncertainty-aware filtering mechanism is introduced to quantify reliability and selectively suppress high-variance representations. Finally, to overcome the limitations of static fusion, a routing-guided strategy aggregates cross-modality features dynamically, that adaptively weighs contributions based on traffic context. With this DFA paradigm, TrafficMoE maximizes representational efficiency by focusing solely on the most discriminative traffic features. Extensive experiments on six datasets demonstrate TrafficMoE consistently outperforms state-of-the-art methods, validating the necessity of heterogeneity-aware modeling in encrypted traffic analysis. The source code is publicly available at this https URL.
Comments: Project page \url{this https URL}
Subjects:
Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI); Multimedia (cs.MM); Networking and Internet Architecture (cs.NI)
Cite as: arXiv:2603.29520 [cs.CR]
(or arXiv:2603.29520v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2603.29520
arXiv-issued DOI via DataCite (pending registration)
Submission history
From: Lei Zhang [view email] [v1] Tue, 31 Mar 2026 10:05:54 UTC (1,338 KB)
Sign in to highlight and annotate this article
Conversation starters
Daily AI Digest
Get the top 5 AI stories delivered to your inbox every morning.
More about
modelannounceavailable
STEEP: Your repo's fortune, steeped in truth.
This is a submission for the DEV April Fools Challenge What I Built Think teapot. Think tea. Think Ig Nobel. Think esoteric. Think absolutely useless. Think...Harry Potter?...Professor Trelawney?...divination! Tea leaf reading. For GitHub repos. That's Steep . Paste a public GitHub repo URL. Steep fetches your commit history, file tree, languages, README, and contributors. It finds patterns in the data and maps them to real tasseography symbols, the same symbols tea leaf readers have used for centuries. Mountain. Skull. Heart. Snake. Teacup. Then Madame Steep reads them. Madame Steep is an AI fortune teller powered by the Gemini API. She trained at a prestigious academy (she won't say which) and pivoted to software divination when she realized codebases contain more suffering than any teac
Stop Explaining Your Codebase to Your AI Every Time
Every conversation with your AI starts the same way. "I'm building a Rails app, deployed on Hetzner, using SQLite..." You've typed this a hundred times. Your AI is smart. But it has no memory. Every chat starts from zero. Your project context, your conventions, your past decisions — gone. What if your AI already knew all of that? Here are five notes that make that happen. 1. Your stack, saved once Write one note with your tech stack, deployment setup, and conventions. Now every conversation starts with context. Now ask: "Write a background job that syncs user data to Stripe." Your AI reads the note. It knows it's Rails, knows you use Solid Queue, knows your conventions. No preamble needed. 2. Error fixes you'll hit again You spend 45 minutes debugging a Kamal deploy. You find the fix. A we
What counts as RAG?
I have always considered the term RAG to be a hype term. to me Retrieval Augmented Generation just means the model retrieves the data, interprets it based on what you requested and responds with the data in context, meaning any agentic system that has and uses a tool to read data from a source (weather it's a database or a filesystem) and interprets that data and returns a response is technically augmenting the data and generating a result, thus it is RAG. Mainly just trying to figure out how to communicate with those that seem to live on the hype cycle submitted by /u/cmdr-William-Riker [link] [comments]
Knowledge Map
Connected Articles — Knowledge Graph
This article is connected to other articles through shared AI topics and tags.
More in Releases
📙 Journal Log no. 1 Linux Unhatched ; My DevSecOps Journey
I graduated with a B.Eng in Mechanical Engineering in 2018, but my career path has always been driven by the logic of systems. After earning my Google IT Automation with Python Professional Certificate, I realized that the most powerful engines today are built in the cloud. I am now officially on my journey toward DevSecOps. This log marks the first step to my goal. 📙 Journal Log: 2026-04-05 🎯 Today's Mission Mastering the Fundamentals: Bridging the gap between physical systems thinking and terminal based automation 🛠️ Environment Setup Machine/OS: NDG Virtual Machine (Ubuntu-based) Current Directory: ~/home/sysadmin ⌨️ Commands Flags Learned Command Flag/Context What it does ls -l Lists files in long format (essential for checking permissions). chmod +x Changes file access levels—the D
Harmonic-9B - Two-stage Qwen3.5-9B fine-tune (Stage 2 still training)
Hey r/LocalLLaMA , I just uploaded Harmonic-9B, my latest Qwen3.5-9B fine-tune aimed at agent use. Current status: • Stage 1 (heavy reasoning training) is complete • Stage 2 (light tool-calling / agent fine-tune) is still training right now The plan is to combine strong structured reasoning with clean, reliable tool use while trying to avoid making normal chat feel stiff or overly verbose. Filtered dataset for Stage 2: I open-sourced the filtered version of the Hermes agent traces I’m using for the second stage: https://huggingface.co/datasets/DJLougen/hermes-agent-traces-filtered Key improvements after filtering: • Self-correction: 6% → 63% • Verification steps: 26% → 96% • Thinking depth: +40% • Valid JSON/tool calls: 100% GGUF quants are already available here: https://huggingface.co/DJ
How to Clean Up Xcode and Free 30-50GB on Your Mac
Xcode is the single biggest storage consumer on most developers' Macs. A fresh install starts around 35GB, but over months of development it quietly grows to 80, 100, even 150GB+. Most of that growth is invisible — cached build products, old simulators, debug symbols for iOS versions you no longer use. I've been building iOS apps for years, and this problem is exactly why I built MegaCleaner — I got tired of manually tracking down these hidden folders every few months. But whether you use a tool or do it by hand, you should know where the space goes. This guide covers every Xcode storage category: what it is, where it lives, how big it typically gets, and whether it's safe to delete. No guesswork, no vague advice — just exact paths and clear safety levels. Quick Reference Before we dive in
Discussion
Sign in to join the discussion
No comments yet — be the first to share your thoughts!