A Survey of Encrypted Malicious Traffic Detection*

Yanmiao Li, Hao Guo, Jiangang Hou, Zhen Zhang, Tong Jiang, Zhi Liu
{"title":"A Survey of Encrypted Malicious Traffic Detection*","authors":"Yanmiao Li, Hao Guo, Jiangang Hou, Zhen Zhang, Tong Jiang, Zhi Liu","doi":"10.1109/CCCI52664.2021.9583191","DOIUrl":null,"url":null,"abstract":"With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.","PeriodicalId":136382,"journal":{"name":"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCCI52664.2021.9583191","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

Abstract

With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.
加密恶意流量检测技术综述*
随着HTTPS等加密流量越来越多,加密流量不仅可以保护正常流量,还可以保护恶意流量。不加解密的加密恶意流量识别已成为研究热点。结合机器学习的一个重要分支——深度学习,加密恶意流量检测取得了很好的效果。本文综述了近年来加密恶意流量检测的研究进展。首先,对加密的恶意流量进行分类。其次,对加密恶意流量的提取特点、目前面临的关键和难点问题进行了梳理。然后,以加密恶意流量检测技术为主线,从数据采集、数据处理、模型训练和评估改进四个核心方面对目前的检测模型进行了总结。最后,对存在的问题进行了分析,并指出了今后的研究方向。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信