Encrypted Malicious Traffic Detection Based on Word2Vec-Reference-Cited by-同舟云学术

Encrypted Malicious Traffic Detection Based on Word2Vec

Published:2022-02-23 Issue:5 Volume:11 Page:679
ISSN:2079-9292
Container-title:Electronics
language:en
Short-container-title:Electronics

Author:

Ferriyan Andrey^ORCID,Thamrin Achmad Husni,Takeda Keiji,Murai Jun

Abstract

Network-based intrusion detections become more difficult as Internet traffic is mostly encrypted. This paper introduces a method to detect encrypted malicious traffic based on the Transport Layer Security handshake and payload features without waiting for the traffic session to finish while preserving privacy. Our method, called TLS2Vec, creates words from the extracted features and uses Long Short-Term Memory (LSTM) for inference. We evaluated our method using traffic from three malicious applications and a benign application that we obtained from two publicly available datasets. Our results showed that TLS2Vec is promising as a tool to detect such malicious traffic.

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering

Link

https://www.mdpi.com/2079-9292/11/5/679/pdf

Reference56 articles.

1. Lets Encrypt Status Report https://letsencrypt.org/stats

2. Firefox Telemetry https://docs.telemetry.mozilla.org/datasets/other/ssl/reference.html

3. Google Transparency Report https://transparencyreport.google.com/https/overview?hl=en

4. The Relevance of Network Security in an Encrypted World https://blogs.vmware.com/networkvirtualization/2020/09/network-security-encrypted.html

5. Analyzing Peer-To-Peer Traffic Across Large Networks

Cited by 12 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Bot-DM: A dual-modal botnet detection method based on the combination of implicit semantic expression and graphical expression;Expert Systems with Applications;2024-08

2. Malicious Encrypted Traffic Detection Method Based on Spatial-Temporal Features and Cost Sensitivity;2024 9th International Conference on Electronic Technology and Information Science (ICETIS);2024-05-17

3. Artificial Intelligence-Based Anomaly Detection Technology over Encrypted Traffic: A Systematic Literature Review;Sensors;2024-01-30

4. Anomaly Detection Method for Integrated Encrypted Malicious Traffic Based on RFCNN-GRU;Communications in Computer and Information Science;2024

5. MFFLR-DDoS: An encrypted LR-DDoS attack detection method based on multi-granularity feature fusions in SDN;Mathematical Biosciences and Engineering;2024