Machine learning for encrypted malicious traffic detection: Approaches, datasets and comparative study
Authors
Abstract
As people’s demand for personal privacy and data security becomes a priority, encrypted traffic has become mainstream in the cyber world. However, encryption is also shielding malicious illegal introduced by adversaries, from being detected. This especially so post-COVID-19 environment where growing rapidly. Common solutions that rely on plain payload content analysis such as deep packet inspection are rendered useless. Thus, machine learning based approaches have an important direction detection. In this paper, we formulate universal framework of detection techniques provided systematic review. Furthermore, current research adopts different datasets to train their models due lack well-recognized feature sets. result, model performance cannot be compared analyzed reliably. Therefore, analyse, process combine 5 sources generate comprehensive fair dataset aid future field. On basis, implement compare 10 algorithms. We then discuss challenges propose directions research.
Similar resources
Detecting Encrypted Traffic: A Machine Learning Approach
Detecting encrypted traffic is increasingly important for deep packet inspection (DPI) to improve the performance of intrusion detection systems. We propose a machine learning approach with several randomness tests to achieve high accuracy detection of encrypted traffic while requiring low overhead incurred by the detection procedure. To demonstrate how effective the proposed approach is, the p...
Realtime Encrypted Traffic Identification using Machine Learning
Accurate network traffic identification plays important roles in many areas such as traffic engineering, QoS and intrusion detection etc. The emergence of many new encrypted applications which use dynamic port numbers and masquerading techniques causes the most challenging problem in network traffic identification field. One of the challenging issues for existing traffic identification methods ...
Machine Learning Classification of Malicious Network Traffic
1.1. Intrusion Detection Systems. In our society, information systems are everywhere. They are used by corporations to store proprietary and other sensitive data, by families to store financial and personal information, by universities to keep research data and ideas, and by governments to store defense and security information. It is very important that the information systems that house this ...
Malicious JavaScript detection using machine learning
JavaScript has become a ubiquitous Web technology that enables interactive and dynamic Web sites. The widespread adoption, along with some of its properties allowing authors to easily obfuscate their code, make JavaScript an interesting venue for malware authors. In this survey paper, we discuss some of the difficulties in dealing with malicious JavaScript code, and go through some recent appro...
Machine Learning Approaches for Temporal Information Extraction: A comparative study
Temporal expressions are important structures in natural language. In order to understand text, temporal expressions have to be extracted and normalized to ISO-based values. For these purposes rule-based and machine learning techniques were proposed. In this paper we present and compare two approaches for automatic recognition of temporal expressions in free text, based on a supervised machine ...
Journal
Journal title: Computers & Security
Year: 2022
ISSN: 0167-4048, 1872-6208
DOI: https://doi.org/10.1016/j.cose.2021.102542