Deep-Forest-Based Encrypted Malicious Traffic Detection
The SSL/TLS protocol is widely used in data encryption transmission. Aiming at the problem of detecting SSL/TLS-encrypted malicious traffic with small-scale and unbalanced training data, a deep-forest-based detection method called DF-IDS is proposed in this paper.
Xueqin Zhang +5 more
openaire +2 more sources
Research on Malicious Encrypted Traffic Annotation Method for Android Mobile Application [PDF]
In order to distinguish malicious traffic generated by running malicious Android applications from normal traffic, this paper proposes a method for annotating malicious traffic of mobile Android applications. For encrypted network traffic, encryption ...
HE Gaofeng, SI Yongrui, XU Bingfeng
doaj +1 more source
Model of the malicious traffic classification based on hypergraph neural network
As the use and reliance on networks continue to grow, the prevalence of malicious network traffic poses a significant challenge in the field of network security. Cyber attackers constantly seek new ways to infiltrate systems, steal data, and disrupt ...
Wenbo ZHAO, Zitong MA, Zhe YANG
doaj +3 more sources
Malicious Traffic Detection Combining Features of Packet Payload and Stream Fingerprint [PDF]
The data sets for the detection of malicious traffic by the SSL/TLS protocol are single-sourced. Traditional detection methods take the quintuple feature of network traffic as the main feature for classification, which reduces the accuracy of malicious ...
HU Bin, ZHOU Zhihong, YAO Lihong, LI Jianhua
doaj +1 more source
Intrusion detection model based on capsule network
In order to solve the problems of low detection accuracy and less attention of various malicious traffic identification in traditional intrusion detection system (IDS) in the face of massive data mixed with various malicious traffic, an intrusion ...
ZHAO Xu, WANG Xu, ZHANG Xin
doaj +1 more source
Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow Interaction Graph Analysis [PDF]
In this paper, we propose HyperVision, a realtime unsupervised machine learning (ML) based malicious traffic detection system. Particularly, HyperVision is able to detect unknown patterns of encrypted malicious traffic by utilizing a compact in-memory ...
Chuanpu Fu, Qi Li, Ke Xu
semanticscholar +1 more source
Realtime Robust Malicious Traffic Detection via Frequency Domain Analysis [PDF]
Machine learning (ML) based malicious traffic detection is an emerging security paradigm, particularly for zero-day attack detection, which is complementary to existing rule based detection. However, the existing ML based detection achieves low detection
Chuanpu Fu, Qi Li, Meng Shen, Ke Xu
semanticscholar +1 more source
Encrypted Malicious Traffic Detection Based on Stacking and Multi-Feature Fusion [PDF]
Although encryption technology protects network communications, plenty of malware uses encryption protocols to hide malicious behavior. For the existing Transport Layer Security (TLS) encrypted malicious traffic detection techniques based on machine learning, a
HUO Yuehua, ZHAO Faqi
doaj +1 more source
Scheme for identifying malware traffic with TLS data based on machine learning
Based on analyzing the characteristics of transport layer security (TLS) protocol, a distributed automation malicious traffic detecting system based on machine learning was designed. The characteristics of encrypted malware traffic from TLS data, observable
Ziming LUO, Shubin XU, Xiaodong LIU
doaj +3 more sources
Feature Mining for Encrypted Malicious Traffic Detection with Deep Learning and Other Machine Learning Algorithms [PDF]
The popularity of encryption mechanisms poses a great challenge to malicious traffic detection. The reason is traditional detection techniques cannot work without the decryption of encrypted traffic.
Zihao Wang, V. Thing
semanticscholar +1 more source

