Scheme for identifying malware traffic with TLS data based on machine learning

Bibliographic Details
Main Authors: Ziming LUO, Shubin XU, Xiaodong LIU
Format: Article
Language: English
Published: POSTS&TELECOM PRESS Co., LTD 2020-02-01
Series: 网络与信息安全学报
Online Access: http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2020008
Description
Summary: Based on an analysis of the characteristics of the transport layer security (TLS) protocol, a distributed, automated malicious traffic detection system based on machine learning was designed. The characteristics of encrypted malware traffic were extracted from TLS data, observable metadata and contextual flow data. Support vector machine, random forest and extreme gradient boosting were used to compare the performance of mainstream methods for identifying malicious encrypted traffic; this achieved efficient detection of malicious encrypted traffic and verified the validity of the malicious encrypted traffic detection system.
ISSN: 2096-109X