Yige Chen,Tianning Zang,Yongzheng Zhang,Yuan Zhouz,Yipeng Wang,Yuan Zhou

DOI: https://doi.org/10.1109/icnp.2019.8888043

2019-10-01

Abstract:With the unprecedented prevalence of mobile network applications, cryptographic protocols, such as the Secure Socket Layer/Transport Layer Security (SSL/TLS), are widely used in mobile network applications for communication security. The proven methods for encrypted video stream classification or encrypted protocol detection are unsuitable for the SSL/TLS traffic. Consequently, application-level traffic classification based networking and security services are facing severe challenges in effectiveness. Existing encrypted traffic classification methods exhibit unsatisfying accuracy for applications with similar state characteristics. In this paper, we propose a multiple-attribute-based encrypted traffic classification system named Multi-Attribute Associated Fingerprints (MAAF). We develop MAAF based on the two key insights that the DNS traces generated during the application runtime contain classification guidance information and that the handshake certificates in the encrypted flows can provide classification clues. Apart from the exploitation of key insights, MAAF employs the context of the encrypted traffic to overcome the attribute-lacking problem during the classification. Our experimental results demonstrate that MAAF achieves 98.69% accuracy on the real-world traceset that consists of 16 applications, supports the early prediction, and is robust to the scale of the training traceset. Besides, MAAF is superior to the state-of-the-art methods in terms of both accuracy and robustness.

Chang Liu,Gang Xiong,Gaopeng Gou,Siu-Ming Yiu,Zhen Li,Zhihong Tian

DOI: https://doi.org/10.1007/s11280-021-00940-0

2021-10-07

World Wide Web

Abstract:With the rapid development of Internet, network management and monitoring face a number of challenges, one of which is traffic classification. Meanwhile, SSL/TLS protocols are extensively used to encrypt the communication payloads, which makes traditional rule-based classification methods not applicable. Without fingerprints of sufficient distinguishing power, other existing methods cannot achieve satisfactory performances on encrypted traffic classification. In this paper, we focus on SSL/TLS encrypted traffic, and propose the Adaptive Fingerprint with Multi-level Attributes (AFMA) to classify them. AFMA combines field-level and sequence-level attributes to tackle encrypted traffic classification problem. Specifically, the distribution of server-to-client ciphersuites on applications is first imported to characterize application preferences. Moreover, besides message type sequences, length block sequences are especially designed to highlight the differences in application fingerprints. In addition, AFMA can adaptively learn the distributions for constructing the fingerprint by analyzing the overall statistics of the applications. The performance of AFMA was verified on a real-world dataset of a campus network (with 956,000+ SSL/TLS traffic flows for 18 popular applications). Our experiments show that AFMA could achieve a true positive rate of up to 99.46% and a false positive rate as low as 0.03%, which outperforms the state-of-the-art methods and our previous method.

Jin Cheng,Yulei Wu,Junling You,Tong Li,Hui Li,Jingguo Ge,Yuepeng E

DOI: https://doi.org/10.1016/j.comnet.2021.108472

IF: 5.493

2021-11-01

Computer Networks

Abstract:Increased awareness of privacy protection has led to a surge in the volume of encrypted traffic, which creates a heavy burden for efficient network management (e.g. quality-of-service guarantees). The opacity of encrypted traffic essentially requires high computational overheads to make traffic classification, which is even worse when encrypted traffic surges. However, existing deep learning approaches sacrifice the efficiency to obtain high-precision classification results, which are no longer suitable for scenarios with large volumes of encrypted traffic. In this paper, a lightweight and online approach implemented as MATEC is proposed. The way we optimize the classification process follows the "Maximizing the reuse of thin modules" design principle. The multi-head attention and the convolutional network are adopted in the thin module. Attributed to the one-step interaction of all packets and the parallel computing of the multi-head attention mechanism, a key advantage of our model is that the number of parameters and running time are significantly reduced. In addition, the effectiveness and efficiency of convolutional networks have been proved in traffic classification. Comparisons to the existing state-of-the-art models on three typical datasets demonstrate that the proposed MATEC model has higher accuracy and running efficiency. In addition, the number of parameters is reduced to 1.8% of the state-of-the-art models and the training time halves.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Quan Ding,Zhengpeng Zha,Yanjun Li,Zhenhua Ling

DOI: https://doi.org/10.14569/ijacsa.2024.01504110

IF: 0.9

2024-01-01

International Journal of Advanced Computer Science and Applications

Abstract:Encrypted traffic classification, a pivotal process in network security and management, involves analyzing and categorizing data traffic that has been encrypted for privacy and security. This task demands the extraction of distinctive and robust feature representations from content-concealed data to ensure accurate and reliable classification. Traditional approaches have focused on utilizing either the payload of encrypted traffic or statistical features for more precise classification. While these methods achieve relative success, their limitation lies in not harnessing multi-grained features, thus impeding further advancements in encrypted traffic classification capabilities. To tackle this challenge, ET-CompBERT is presented, an innovative framework specifically designed for the fusion of multi-granularity features in encrypted traffic, encompassing both payload and global temporal attributes. The extensive experiments reveal that our approach significantly enhances classification performance in data-rich scenarios (achieving up to a +4.43% improvement in certain cases over existing methods) and establishes state-of-the-art results on training sets with different sizes. The source codes will be released after paper acceptance.

Wang,Gu

DOI: https://doi.org/10.3390/s24103078

IF: 3.9

2024-05-13

Sensors

Abstract:The widespread use of encrypted traffic poses challenges to network management and network security. Traditional machine learning-based methods for encrypted traffic classification no longer meet the demands of management and security. The application of deep learning technology in encrypted traffic classification significantly improves the accuracy of models. This study focuses primarily on encrypted traffic classification in the fields of network analysis and network security. To address the shortcomings of existing deep learning-based encrypted traffic classification methods in terms of computational memory consumption and interpretability, we introduce a Parameter-Efficient Fine-Tuning method for efficiently tuning the parameters of an encrypted traffic classification model. Experimentation is conducted on various classification scenarios, including Tor traffic service classification and malicious traffic classification, using multiple public datasets. Fair comparisons are made with state-of-the-art deep learning model architectures. The results indicate that the proposed method significantly reduces the scale of fine-tuning parameters and computational resource usage while achieving performance comparable to that of the existing best models. Furthermore, we interpret the learning mechanism of encrypted traffic representation in the pre-training model by analyzing the parameters and structure of the model. This comparison validates the hypothesis that the model exhibits hierarchical structure, clear organization, and distinct features.

engineering, electrical & electronic,instruments & instrumentation,chemistry, analytical

Wei Peng

2024-08-12

Abstract:Encrypted traffic classification is the task of identifying the application or service associated with encrypted network traffic. One effective approach for this task is to use deep learning methods to encode the raw traffic bytes directly and automatically extract features for classification (byte-based models). However, current byte-based models input raw traffic bytes, whether plaintext or encrypted text, for automated feature extraction, neglecting the distinct impacts of plaintext and encrypted text on downstream tasks. Additionally, these models primarily focus on improving classification accuracy, with little emphasis on the efficiency of models. In this paper, for the first time, we analyze the impact of plaintext and encrypted text on the model's effectiveness and efficiency. Based on our observations and findings, we propose a two-phase approach to balance the trade-off between plaintext and encrypted text in traffic classification. Specifically, Stage one is to Determine whether the Plain text is enough to be accurately Classified (DPC) using the proposed DPC Selector. This stage quickly identifies samples that can be classified using plaintext, leveraging explicit byte features in plaintext to enhance model's efficiency. Stage two aims to adaptively make a classification with the result from stage one. This stage incorporates encrypted text information for samples that cannot be classified using plaintext alone, ensuring the model's effectiveness on traffic classification tasks. Experiments on two datasets demonstrate that our proposed model achieves state-of-the-art results in both effectiveness and efficiency.

Cryptography and Security,Computation and Language

Haitao Zhang,Lei Luo,Yun Li,Lirong Chen,Xiaobo Wu

DOI: https://doi.org/10.1109/dsc55868.2022.00076

2022-01-01

Abstract:More and more data is transferred in encrypted ways, especially over HTTPS. As a result, network attackers often use encryption algorithms to transmit control commands to avoid detection. Malware or unidentified users may use unauthorized encrypted proxy to communicate and access malicious websites. Confirming the details of these behaviors facilitates the analysis of suspicious events, but intercepted encrypted traffic cannot be parsed. Since the payload of encrypted traffic is not observable, machine learning algorithm combined with domain knowledge is the mainstream method to detect malicious encrypted traffic. Considering the complexity of decrypting traffic, we start from host level and flow level, exploit packet length histogram, sequence features and statistical features to describe traffic. In particular, we use Word2Vec algorithm to represent packet length sequence. In experiment, we collect the encrypted traffic generated by malware communicating with multiple websites through encrypted proxy. Experiment result shows the effectiveness of our framework and achieve 96.2% Accuracy.

Cheng Wang,Wei Zhang,Hao Hao,Huiling Shi

DOI: https://doi.org/10.3390/electronics13071236

IF: 2.9

2024-03-28

Electronics

Abstract:The demand for encrypted communication is increasing with the continuous development of secure and trustworthy networks. In edge computing scenarios, the requirement for data processing security is becoming increasingly high. Therefore, the accurate identification of encrypted traffic has become a prerequisite to ensure edge intelligent device security. Currently, encrypted network traffic classification relies on single-feature extraction methods. These methods have simple feature extraction, making distinguishing encrypted network data flows and designing compelling manual features challenging. This leads to low accuracy in multi-classification tasks involving encrypted network traffic. This paper proposes a hybrid deep learning model for multi-classification tasks to address this issue based on the synergy of dilated convolution and gating unit mechanisms. The model comprises a Gated Dilated Convolution (GDC) module and a CA-LSTM module. The GDC module completes the spatial feature extraction of encrypted network traffic through dilated convolution and gating unit mechanisms. In contrast, the CA-LSTM module focuses on extracting temporal network traffic features. By employing a collaborative approach to extract spatio-temporal features, the model ensures feature extraction diversity, guarantees robustness, and effectively enhances the feature extraction rate. We evaluate our multi-classification model using the ISCX VPN-nonVPN public dataset. Experimental results show that the proposed method achieves an accuracy rate of over 95% and a recall rate of over 90%, significantly outperforming existing methods.

engineering, electrical & electronic,computer science, information systems,physics, applied

Meng Shen,Yiting Liu,Liehuang Zhu,Xiaojiang Du,Jiankun Hu

DOI: https://doi.org/10.1109/tifs.2020.3046876

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Encrypted web traffic can reveal sensitive information of users, such as their browsing behaviors. Existing studies on encrypted traffic analysis focus on website fingerprinting. We claim that fine-grained webpage fingerprinting, which speculates specific webpages on a same website visited by a victim, allows exploiting more user private information, e.g., shopping interests in an online shopping mall. Since webpages from the same website usually have very similar traffic traces that make them indistinguishable, existing solutions may end up with low accuracy. In this paper, we propose FineWP, a novel fine-grained webpage fingerprinting method. We make an observation that the length information of packets in bidirectional client-server interactions can be distinctive features for webpage fingerprinting. The extracted features are then fed into traditional machine learning models to train classifiers, which achieve both high accuracy and low training overhead. We collect two real-world traffic datasets and construct closed- and open-world evaluations to verify the effectiveness of FineWP. The experimental results demonstrate that FineWP is superior to the state-of-the-art methods in terms of accuracy, time complexity and stability.

computer science, theory & methods,engineering, electrical & electronic

Shi-Jie Xu,Guang-Gang Geng,Xiao-Bo Jin,Dong-Jie Liu,Jian Weng

DOI: https://doi.org/10.1109/tifs.2022.3179955

IF: 7.231

2022-06-22

IEEE Transactions on Information Forensics and Security

Abstract:Although many network traffic protection methods have been developed to protect user privacy, encrypted traffic can still reveal sensitive user information with sophisticated analysis. In this paper, we propose ETC-PS, a novel encrypted traffic classification method with path signature. We first construct the traffic path with a session packet length sequence to represent the interactions between the client and the server. Then, path transformations are conducted to exhibit its structure and obtain different information. A multiscale path signature is finally computed as a kind of distinctive feature to train the traditional machine learning classifier, which achieves highly robust accuracy and low training overhead. Six publicly available datasets with different traffic types of HTTPS/1, HTTPS/2, QUIC, VPN, non-VPN, Tor, and non-Tor are used to conduct closed-world and open-world evaluations to verify the effectiveness of ETC-PS. The experimental results demonstrate that ETC-PS is superior to the state-of-the-art methods in terms of accuracy, score, time complexity, and stability.

computer science, theory & methods,engineering, electrical & electronic

Meng Shen,Yiting Liu,Liehuang Zhu,Ke Xu,Xiaojiang Du,Nadra Guizani

DOI: https://doi.org/10.1109/mnet.011.1900366

IF: 10.294

2020-01-01

IEEE Network

Abstract:Traffic classification is a technology for classifying and identifying sensitive information from cluttered traffic. With the increasing use of encryption and other evasion technologies, traditional content- based network traffic classification becomes impossible, and traffic classification is increasingly related to security and privacy. Many studies have been conducted to investigate traffic classification in various scenarios. A major challenge to existing schemes is extending traffic classification technology to a broader space. In other words, most traffic classification work is not universal and can only show great performance on specific datasets. In this article, we present a systematic approach to optimizing feature selection for encrypted traffic classification. We summarize the optional encrypted traffic features and analyze the approaches of feature selection in detail for different datasets. The experimental result demonstrates that our scheme is more accurate and universal than other state-of-the-art approaches. More precisely, our mechanism provides a guideline for future research in the field of traffic classification.

Hong Huang,Xingxing Zhang,Ye Lu,Ze Li,Shaohua Zhou

DOI: https://doi.org/10.32604/cmc.2024.047918

2024-01-01

Abstract:While encryption technology safeguards the security of network communications, malicious traffic also uses encryption protocols to obscure its malicious behavior. To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic, we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features, called BERT-based Spatio-Temporal Features Network (BSTFNet). At the packet-level granularity, the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers (BERT) model. At the byte-level granularity, we initially employ the Bidirectional Gated Recurrent Unit (BiGRU) model to extract temporal features from bytes, followed by the utilization of the Text Convolutional Neural Network (TextCNN) model with multi-sized convolution kernels to extract local multi-receptive field spatial features. The fusion of features from both granularities serves as the ultimate multidimensional representation of malicious traffic. Our approach achieves accuracy and F1-score of 99.39% and 99.40%, respectively, on the publicly available USTC-TFC2016 dataset, and effectively reduces sample confusion within the Neris and Virut categories. The experimental results demonstrate that our method has outstanding representation and classification capabilities for encrypted malicious traffic.

computer science, information systems,materials science, multidisciplinary

Guang-Lu Sun,Yibo Xue,Yingfei Dong,Dongsheng Wang,Chenglong Li

DOI: https://doi.org/10.1109/GLOCOM.2010.5683649

2010-01-01

Abstract:Classifying encrypted traffic is critical to effective network analysis and management. While traditional payload- based methods are powerless to deal with encrypted traffic, machine learning methods have been proposed to address this issue. However, these methods often bring heavy overhead into the system. In this paper, we propose a hybrid method that combines signature-based methods and statistical analysis methods to address this issue. We first identify SSL/TLS traffic with signature matching methods, and then apply statistical analysis to determine concrete application protocols. Our experimental results show that the proposed method is able to recognize over 99% of SSL/TLS traffic and achieve 94.52% in F-score for protocols identification.

Zijun Hang,Yi Xie,Yuliang Lu,Yongjie Wang

DOI: https://doi.org/10.1145/3607199.3607206

2023-10-16

Abstract:Malicious traffic classification is crucial for Intrusion Detection Systems (IDS). However, traditional Machine Learning approaches necessitate expert knowledge and a significant amount of well-labeled data. Although recent studies have employed pre-training models from the Natural Language Processing domain, such as ET-BERT, for traffic classification, their effectiveness is impeded by limited input length and fixed Byte Pair Encoding. To address these challenges, this paper presents Flow-MAE, a pre-training model that employs Masked AutoEncoders (MAE) from the Computer Vision domain to achieve accurate, efficient, and robust malicious network traffic classification. Flow-MAE overcomes these challenges by utilizing burst (a generic representation of network traffic) and patch embedding to accommodate extensive traffic length. Moreover, Flow-MAE introduces a self-supervised pre-training task, the Masked Patch Model, which captures unbiased representations from bursts with varying lengths and patterns. Experimental results from six datasets reveal that Flow-MAE achieves new state-of-the-art accuracy (>0.99), efficiency (>900 samples/s), and robustness across diverse network traffic types. In comparison to the state-of-the-art ET-BERT, Flow-MAE exhibits improvements in accuracy and speed by 0.41%-1.93% and 7.8x-10.3x, respectively, while necessitating only 0.2% FLOPs and 44% memory overhead. The efficacy of the core designs is validated through few-shot learning and ablation experiments. The code is publicly available at https://github.com/NLear/Flow-MAE.

Computer Science

Daichong Chao

DOI: https://doi.org/10.1145/3404555.3404590

2020-04-23

Abstract:Malicious encrypted traffic poses great threat to cyber security owing to encryption and the ability to bypass traditional traffic detection schemes. Malicious encrypted traffic identification is a challenging task and has attracted researchers' attention nowadays. Existing research way mainly extracts various statistical features of data-flow, which relies artificial experience heavily. To round the above problem. a fingerprint enhancement and second-order Markov chain based scheme is proposed in this paper, obtaining features more easily. Fingerprint enhancement is done to replace SSL fingerprint by refining data-flow's behavior. Then enhanced fingerprint is fed to second-order Markov chain to obtain dominating feature for identification model. To our best knowledge, this paper is the first one focusing on using fingerprint and second order Markov chain to simplify feature extraction. Finally, the proposed scheme is verified based on public dataset Stratosphere IPS.

In-Su Jung,Yu-Rae Song,Lelisa Adeba Jilcha,Deuk-Hun Kim,Sun-Young Im,Shin-Woo Shim,Young-Hwan Kim,Jin Kwak

DOI: https://doi.org/10.3390/sym16060733

2024-06-13

Symmetry

Abstract:With the continuously growing requirement for encryption in network environments, web browsers are increasingly employing hypertext transfer protocol security. Despite the increase in encrypted malicious network traffic, the encryption itself limits the data accessible for analyzing such behavior. To mitigate this, several studies have examined encrypted network traffic by analyzing metadata and payload bytes. Recent studies have furthered this approach, utilizing graph neural networks to analyze the structural data patterns within malicious encrypted traffic. This study proposed an enhanced encrypted traffic analysis leveraging graph neural networks which can model the symmetric or asymmetric spatial relations between nodes in the traffic network and optimized feature dimensionality reduction. It classified malicious network traffic by leveraging key features, including the IP address, port, CipherSuite, MessageLen, and JA3 features within the transport-layer-security session data, and then analyzed the correlation between normal and malicious network traffic data. The proposed approach outperformed previous models in terms of efficiency, using fewer features while maintaining a high accuracy rate of 99.5%. This demonstrates its research value as it can classify malicious network traffic with a high accuracy based on fewer features.

multidisciplinary sciences

Shengbao Li,Yuchuan Huang,Tianye Gao,Lanqi Yang,Yige Chen,Quanbo Pan,Tianning Zang,Fei Chen

DOI: https://doi.org/10.1155/2023/9118153

2023-04-30

Wireless Communications and Mobile Computing

Abstract:In recent years, an increasing number of mobile platforms and applications have adopted traffic encryption protocol technology to ensure privacy and security. Existing researches on encrypted traffic identification approaches often rely on a single-modal feature pattern (such as packet sequence and statistical features), which cannot fully represent the detail information of complex traffic features, and so their predictions are susceptible to anomalies. In order to improve the effect of classification on encrypted app traffic, we propose FusionTC, a novel app traffic classification framework based on feature fusion of flow sequence. FusionTC consists of two-level subclassifiers, which are used to perform decision-level fusion of multimodal features by an upgraded stacking method. The comprehensive capture and fusion of multimodal traffic details, coupled with the refined processing and segmentation of traffic, enables FusionTC to significantly promote classification accuracy and enhance robustness in challenging situations. Based on our self-built app traffic dataset, FusionTC improves the accuracy by at least 3.2% over the state-of-the-art approaches.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yufan Chen,Jiahai Yang,Susu Cui,Cong Dong,Bo Jiang,Yuling Liu,Zhigang Lu

DOI: https://doi.org/10.1016/j.cose.2023.103645

IF: 5.105

2023-12-22

Computers & Security

Abstract:The wide adoption of encrypted traffic brings challenges to network management. Previous studies propose different approaches to tackle this problem. However, most of them still struggle to strike a balance in three dimensions, interpretability, robustness and efficiency. As countermeasures, we propose using a hierarchical feature approach to enhance the comprehensiveness behavior description of network behavior to achieve the balance of the three points. Instead of aggregating under-layer features, we have employed the collector mechanism to directly generate the hierarchical features. This approach can overcome the issue of inaccurate feature generation caused by multiple concurrent session flows. To measure the generalization ability persuasively, six datasets are reorganized to simulate the scenario with unknown applications. Besides, different statistical models are applied with state-of-the-art features to conduct experiments. Experiment results show that the proposed method can achieve the F1 score above 98% on the reorganized sets, which demonstrates the effectiveness of the proposed hierarchical approach.

computer science, information systems

Leiqi Wang,Xiu Ma,Ning Li,Qiujian Lv,Yan Wang,Weiqing Huang,Haiyan Chen

DOI: https://doi.org/10.1016/j.cose.2023.103466

IF: 5.105

2023-09-14

Computers & Security

Abstract:Nowadays, most network traffic is encrypted, which protects user privacy but hides attack traces, further hindering identifying attacks to inspect traffic packages. Machine Learning(ML) methods are widely applied to attack classification on encrypted traffic owing to no need for manual analysis. However, existing studies only concentrate on basic statistical features and cannot obtain the crucial attack behaviors hiding in the encrypted traffic. Worse still, attackers constantly update attack vectors to evade detection, which means outdated features extracted from historical traffic fail to recognize unseen attacks. As a solution, we propose an attack classification approach, attack finger print based on g raphs of t ime-window ( TGPrint ). We first filter normal traffic flows using ML models to eliminate the impact of useless, noisy data for attack classification and maintain suspicious traffic. Then, we create attack graphs to depict interaction behaviors of attack-victim hosts from suspicious traffic containing crucial attack behaviors. Besides, we divide a specific duration for each attack to precisely elaborate attack graphs, where temporal, statistical, and aggregate features are extracted to portray attack behaviors. Finally, we utilize Graph Neural Networks (GNNs) to mine and grasp the crucial behavior patterns from attack graphs to generate fingerprints and classify attacks, even unseen attacks. Extensive experiments are conducted on well-known datasets to verify our approach. It achieves a precision of 99% in attack classification on encrypted traffic, an average higher than other ML methods of 50%. Meanwhile, it classifies unseen attacks with an average accuracy of over 80% and has a strong robustness to false positives.

computer science, information systems

Pitpimon Choorod,George Weir,Anil Fernando

DOI: https://doi.org/10.1109/access.2024.3356073

IF: 3.9

2024-02-13

IEEE Access

Abstract:Tor, a network offering Internet anonymity, presented both positive and potentially malicious applications, leading to the need for efficient Tor traffic monitoring. While most current traffic classification methods rely on flow-based features, these can be unreliable due to factors like asymmetric routing, and the use of multiple packets for feature computation can lead to processing delays. Recognising the multi-layered encryption of Tor compared to nonTor encrypted payloads, our study explored distinct patterns in their encrypted data. We introduced a novel method using Deep Packet Inspection and machine learning to differentiate between Tor and nonTor traffic based solely on encrypted payload. In the first strand of our research, we investigated hex character analysis of the Tor and nonTor encrypted payloads through statistical testing across 8 groups of application types. Remarkably, our investigation revealed a significant differentiation rate of 94.53% between Tor and nonTor traffic. In the second strand of our research, we aimed to distinguish Tor and nonTor traffic using machine learning, based on encrypted payload features. This proposed feature-based approach proved effective, as evidenced by our classification performance, which attained an average accuracy rate of 95.65% across these 8 groups of applications. Thereby, this study contributes to the efficient classification of Tor and nonTor traffic through features derived solely from a single encrypted payload packet, independent of its position in the traffic flow.

computer science, information systems,telecommunications,engineering, electrical & electronic