Confirmation method for the detection of malicious encrypted traffic with data privacy protection
To solve the problem of excessive false positives in machine-learning-based detection of encrypted malicious traffic, secure two-party computation was used to compare character segments between network traffic and intrusion detection rules without revealing the data content. Based...
Main Authors: | Gaofeng HE, Qianfeng WEI, Xiancai XIAO, Haiting ZHU, Bingfeng XU |
---|---|
Format: | Article |
Language: | zho |
Published: | Editorial Department of Journal on Communications, 2022-02-01 |
Series: | Tongxin xuebao |
Subjects: | malicious encrypt traffic; machine learning; secure two-party computation; automatic confirmation |
Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022034/ |
author | Gaofeng HE, Qianfeng WEI, Xiancai XIAO, Haiting ZHU, Bingfeng XU |
---|---|
collection | DOAJ |
description | To solve the problem of excessive false positives in machine-learning-based detection of encrypted malicious traffic, secure two-party computation was used to compare character segments between network traffic and intrusion detection rules without revealing the data content. Based on the comparison results, an intrusion detection feature matching algorithm was designed to accurately match keywords. A random verification strategy for users’ input was also proposed to facilitate the method. As a result, malicious users couldn’t use arbitrary data to participate in secure two-party calculations and avoid confirmation. The security and resource consumption of the method were theoretically analyzed and verified by a combination of real deployment and simulation experiments. The experimental results show that the proposed method can significantly improve the detection performance with low system resources. |
id | doaj-art-98b8e1097f1342c28c6371799e9e20af |
institution | Kabale University |
issn | 1000-436X |
topic | malicious encrypt traffic; machine learning; secure two-party computation; automatic confirmation |