加密恶意流量检测技术综述*

2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI) Pub Date : 2021-10-15 DOI:10.1109/CCCI52664.2021.9583191

Yanmiao Li, Hao Guo, Jiangang Hou, Zhen Zhang, Tong Jiang, Zhi Liu

{"title":"加密恶意流量检测技术综述*","authors":"Yanmiao Li, Hao Guo, Jiangang Hou, Zhen Zhang, Tong Jiang, Zhi Liu","doi":"10.1109/CCCI52664.2021.9583191","DOIUrl":null,"url":null,"abstract":"With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.","PeriodicalId":136382,"journal":{"name":"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Survey of Encrypted Malicious Traffic Detection*\",\"authors\":\"Yanmiao Li, Hao Guo, Jiangang Hou, Zhen Zhang, Tong Jiang, Zhi Liu\",\"doi\":\"10.1109/CCCI52664.2021.9583191\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.\",\"PeriodicalId\":136382,\"journal\":{\"name\":\"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCCI52664.2021.9583191\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCCI52664.2021.9583191","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

随着HTTPS等加密流量越来越多，加密流量不仅可以保护正常流量，还可以保护恶意流量。不加解密的加密恶意流量识别已成为研究热点。结合机器学习的一个重要分支——深度学习，加密恶意流量检测取得了很好的效果。本文综述了近年来加密恶意流量检测的研究进展。首先，对加密的恶意流量进行分类。其次，对加密恶意流量的提取特点、目前面临的关键和难点问题进行了梳理。然后，以加密恶意流量检测技术为主线，从数据采集、数据处理、模型训练和评估改进四个核心方面对目前的检测模型进行了总结。最后，对存在的问题进行了分析，并指出了今后的研究方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Survey of Encrypted Malicious Traffic Detection*

With more and more encrypted traffic such as HTTPS, encrypted traffic protects not only normal traffic, but also malicious traffic. Identification of encrypted malicious traffic without decryption has become a research hotspot. Combined with deep learning, an important branch of machine learning, encrypted malicious traffic detection has achieved good results. This paper reviews the detection of encrypted malicious traffic in recent years. Firstly, we classify encrypted malicious traffic. Secondly, we sorts out the extraction characteristics of encrypted malicious traffic, the key and difficult problems we are facing at present. Then, with encrypted malicious traffic detection technology as the main line, we summarized the current detection model from the four core aspects of data collection, data processing, model training and evaluation improvement. Finally, we analyze the problems and point out future research directions.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)

自引率

0.00%

发文量