Feature Mining for Encrypted Malicious Traffic Detection with Deep
Learning and Other Machine Learning Algorithms
- URL: http://arxiv.org/abs/2304.03691v1
- Date: Fri, 7 Apr 2023 15:25:36 GMT
- Authors: Zihao Wang, Vrizlynn L. L. Thing
- Abstract summary: The popularity of encryption mechanisms poses a great challenge to malicious traffic detection.
Traditional detection techniques cannot work without the decryption of encrypted traffic.
In this paper, we provide an in-depth analysis of traffic features and compare different state-of-the-art traffic feature creation approaches.
We propose a novel concept for encrypted traffic feature which is specifically designed for encrypted malicious traffic analysis.
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: The popularity of encryption mechanisms poses a great challenge to malicious
traffic detection. The reason is traditional detection techniques cannot work
without the decryption of encrypted traffic. Currently, research on encrypted
malicious traffic detection without decryption has focused on feature
extraction and the choice of machine learning or deep learning algorithms. In
this paper, we first provide an in-depth analysis of traffic features and
compare different state-of-the-art traffic feature creation approaches, while
proposing a novel concept for encrypted traffic feature which is specifically
designed for encrypted malicious traffic analysis. In addition, we propose a
framework for encrypted malicious traffic detection. The framework is a
two-layer detection framework which consists of both deep learning and
traditional machine learning algorithms. Through comparative experiments, it
outperforms classical deep learning and traditional machine learning
algorithms, such as ResNet and Random Forest. Moreover, to provide sufficient
training data for the deep learning model, we also curate a dataset composed
entirely of public datasets. The composed dataset is more comprehensive than
using any public dataset alone. Lastly, we discuss the future directions of
this research.
Related papers
- Lightweight Cryptanalysis of IoT Encryption Algorithms : Is Quota Sampling the Answer? [0.0]
Two well-known lightweight algorithms are SIMON and SIMECK which have been specifically designed for use on resource-constrained IoT devices.
It is necessary to test these algorithms for resilience against differential cryptanalysis attacks.
In this paper, we introduce Versatile Investigative Sampling Technique for Advanced Cryptanalysis.
arXiv Detail & Related papers (2024-04-12T00:08:39Z)
- Cryptanalysis and improvement of multimodal data encryption by machine-learning-based system [0.0]
encryption algorithms to accommodate varied requirements of this field.
Best approach to analyzing an encryption algorithm is to identify a practical and efficient technique to break it.
arXiv Detail & Related papers (2024-02-24T10:02:21Z)
- Feature Analysis of Encrypted Malicious Traffic [3.3148826359547514]
In recent years there has been a dramatic increase in the number of malware attacks that use encrypted HTTP traffic for self-propagation or communication.
Antivirus software and firewalls typically will not have access to encryption keys, and therefore direct detection of encrypted data is unlikely to succeed.
Previous work has shown that traffic analysis can provide indications of malicious intent, even in cases where the underlying data remains encrypted.
arXiv Detail & Related papers (2023-12-06T12:04:28Z)
- Efficient Federated Learning with Spike Neural Networks for Traffic Sign Recognition [70.306089187104]
We introduce powerful Spike Neural Networks (SNNs) into traffic sign recognition for energy-efficient and fast model training.
Numerical results indicate that the proposed federated SNN outperforms traditional federated convolutional neural networks in terms of accuracy, noise immunity, and energy efficiency as well.
arXiv Detail & Related papers (2022-05-28T03:11:48Z)
- Machine Learning for Encrypted Malicious Traffic Detection: Approaches, Datasets and Comparative Study [6.267890584151111]
In post-COVID-19 environment, malicious traffic encryption is growing rapidly.
We formulate a universal framework of machine learning based encrypted malicious traffic detection techniques.
We implement and compare 10 encrypted malicious traffic detection algorithms.
arXiv Detail & Related papers (2022-03-17T14:00:55Z)
- Towards Machine Learning for Placement and Routing in Chip Design: a Methodological Overview [72.79089075263985]
Placement and routing are two indispensable and challenging (NP-hard) tasks in modern chip design flows.
Machine learning has shown promising prospects by its data-driven nature, which can be of less reliance on knowledge and priors.
arXiv Detail & Related papers (2022-02-28T06:28:44Z)
- TenSEAL: A Library for Encrypted Tensor Operations Using Homomorphic Encryption [0.0]
We present TenSEAL, an open-source library for Privacy-Preserving Machine Learning using Homomorphic Encryption.
We show that an encrypted convolutional neural network can be evaluated in less than a second, using less than half a megabyte of communication.
arXiv Detail & Related papers (2021-04-07T14:32:38Z)
- Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z)
- Unsupervised Deep Cross-modality Spectral Hashing [65.3842441716661]
The framework is a two-step hashing approach which decouples the optimization into binary optimization and hashing function learning.
We propose a novel spectral embedding-based algorithm to simultaneously learn single-modality and binary cross-modality representations.
We leverage the powerful CNN for images and propose a CNN-based deep architecture to learn text modality.
arXiv Detail & Related papers (2020-08-01T09:20:11Z)
- Privacy-preserving Traffic Flow Prediction: A Federated Learning Approach [61.64006416975458]
We propose a privacy-preserving machine learning technique named Federated Learning-based Gated Recurrent Unit neural network algorithm (FedGRU) for traffic flow prediction.
FedGRU differs from current centralized learning methods and updates universal learning models through a secure parameter aggregation mechanism.
It is shown that FedGRU's prediction accuracy is 90.96% higher than the advanced deep learning models.
arXiv Detail & Related papers (2020-03-19T13:07:49Z)
- AutoML-Zero: Evolving Machine Learning Algorithms From Scratch [76.83052807776276]
We show that it is possible to automatically discover complete machine learning algorithms just using basic mathematical operations as building blocks.
We demonstrate this by introducing a novel framework that significantly reduces human bias through a generic search space.
We believe these preliminary successes in discovering machine learning algorithms from scratch indicate a promising new direction in the field.
arXiv Detail & Related papers (2020-03-06T19:00:04Z)
This list is automatically generated from the titles and abstracts of the papers in this site.