Encrypted Malicious Traffic Detection Based on Word2Vec

Andrey Ferriyan, Achmad Husni Thamrin, Keiji Takeda, Jun Murai

Research output: Article, peer-reviewed

1 citation (Scopus)

Abstract

Network-based intrusion detections become more difficult as Internet traffic is mostly encrypted. This paper introduces a method to detect encrypted malicious traffic based on the Transport Layer Security handshake and payload features without waiting for the traffic session to finish while preserving privacy. Our method, called TLS2Vec, creates words from the extracted features and uses Long Short-Term Memory (LSTM) for inference. We evaluated our method using traffic from three malicious applications and a benign application that we obtained from two publicly available datasets. Our results showed that TLS2Vec is promising as a tool to detect such malicious traffic.

Original language: English
Article number: 679
Journal: Electronics (Switzerland)
Volume: 11
Issue: 5
DOI
Publication status: Published - 2022 Mar 1

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Hardware and Architecture
  • Computer Networks and Communications
  • Electrical and Electronic Engineering
