Scheme for identifying malware traffic with TLS data based on machine learning
Based on analyzing the characteristics of transport layer security (TLS) protocol,a distributed automation malicious traffic detecting system based on machine learning was designed.The characteristics of encrypted malware traffic from TLS data,observable metadata and contextual flow data was extract...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2020-02-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2020008 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530013235544064 |
|---|---|
| author | Ziming LUO Shubin XU Xiaodong LIU |
| author_facet | Ziming LUO Shubin XU Xiaodong LIU |
| author_sort | Ziming LUO |
| collection | DOAJ |
| description | Based on analyzing the characteristics of transport layer security (TLS) protocol,a distributed automation malicious traffic detecting system based on machine learning was designed.The characteristics of encrypted malware traffic from TLS data,observable metadata and contextual flow data was extracted.Support vector machine,random forest and extreme gradient boosting were used to compare the performance of the mainstream malicious encryption traffic identification which realized the efficient detection of malicious encryption traffic,and verified the validity of the detection system of malicious encryption traffic. |
| format | Article |
| id | doaj-art-dd022a8d345c4d959c6ff05423096ebc |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2020-02-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-dd022a8d345c4d959c6ff05423096ebc2025-01-15T03:13:57ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2020-02-016778359557873Scheme for identifying malware traffic with TLS data based on machine learningZiming LUOShubin XUXiaodong LIUBased on analyzing the characteristics of transport layer security (TLS) protocol,a distributed automation malicious traffic detecting system based on machine learning was designed.The characteristics of encrypted malware traffic from TLS data,observable metadata and contextual flow data was extracted.Support vector machine,random forest and extreme gradient boosting were used to compare the performance of the mainstream malicious encryption traffic identification which realized the efficient detection of malicious encryption traffic,and verified the validity of the detection system of malicious encryption traffic.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2020008transport layer securityencrypted malware trafficmachine learning |
| spellingShingle | Ziming LUO Shubin XU Xiaodong LIU Scheme for identifying malware traffic with TLS data based on machine learning 网络与信息安全学报 transport layer security encrypted malware traffic machine learning |
| title | Scheme for identifying malware traffic with TLS data based on machine learning |
| title_full | Scheme for identifying malware traffic with TLS data based on machine learning |
| title_fullStr | Scheme for identifying malware traffic with TLS data based on machine learning |
| title_full_unstemmed | Scheme for identifying malware traffic with TLS data based on machine learning |
| title_short | Scheme for identifying malware traffic with TLS data based on machine learning |
| title_sort | scheme for identifying malware traffic with tls data based on machine learning |
| topic | transport layer security encrypted malware traffic machine learning |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2020008 |
| work_keys_str_mv | AT zimingluo schemeforidentifyingmalwaretrafficwithtlsdatabasedonmachinelearning AT shubinxu schemeforidentifyingmalwaretrafficwithtlsdatabasedonmachinelearning AT xiaodongliu schemeforidentifyingmalwaretrafficwithtlsdatabasedonmachinelearning |