AS-DMF: A Lightweight Malware Encrypted Traffic Detection Method Based on Active Learning and Feature Selection

The sharp increasing volume of encrypted traffic generated by malware brings a huge challenge to traditional payload-based malicious detection methods. Solutions that based on machine learning and deep are becoming mainstream. However, the learning-based methods limited manual-design features, which have problem highly correlated multicollinearity. And both rely heavily large number labeled samples, needs lots human effort. In this paper, we apply active propose AS-DMF framework. is lightweight framework combine uncertainty sampling density-based query strategy informative representative instances from sample set then train them in (DMF) model. Moreover, feature selection mechanism can select meaningful features efficiently. Our comprehensive experiments real-word dataset indicate achieves lightweighting at data levels with high performance 0.9460 mAcc.