ORCID
- Ji-Jian Chin: 0000-0001-9809-6976
Abstract
Recent studies suggest that few-shot and zero-shot learning methods, drawing on meta-learning, self-supervised approaches and metric-learning ideas, can classify encrypted traffic (TLS 1.3 and QUIC) with competitive accuracy across different protocol conditions. This systematic literature review (SLR) investigates 22 studies selected from an initial pool of 500 papers using PRISMA 2020, focusing on current methodologies for non-stationary network traffic classification, with particular attention to few-shot, zero-shot, and meta-learning approaches. The research addresses four questions: (1) Which approaches have been employed for non-stationary network traffic classification and threat detection? (2) How do hybrid or cross-domain models improve adaptation, detection and overall efficiency? (3) What benchmarking standards exist for the datasets and evaluation metrics in use? (4) How do these methods address concept drift? This review identifies a range of approaches for capturing and analysing non-stationary network traffic but also reveals a significant gap in the empirical evidence addressing the last two questions. This points to a need for targeted experiments on continuously evolving network traffic and zero-day polymorphic attacks, both of which are central to the development of the next-generation adaptive intrusion-detection framework.
DOI Link
Publication Date
2026-05-18
Publication Title
Computers
Volume
15
Issue
5
Acceptance Date
2026-05-13
Deposit Date
2026-05-20
Additional Links
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Recommended Citation
Rahaman, M., Mahmud, A., Aziz, A., Abujawa, O., & Chin, J. (2026) 'A Systematic Literature Review on Data-Efficient and Adaptive Learning Techniques for Encrypted Traffic Classification Under Modern Protocols', Computers, 15(5). Available at: 10.3390/computers15050319
