Jiyuan Liu1, Yingzhi Zeng2, Jiangyong Shi2, Yuexiang Yang2,∗, Rui Wang3, Liangzhong He4
CMC-Computers, Materials & Continua, Vol.60, No.2, pp. 721-739, 2019, DOI:10.32604/cmc.2019.05610
Abstract Recently, TLS protocol has been widely used to secure the application data carried in network traffic. It becomes more difficult for attackers to decipher messages through capturing the traffic generated from communications of hosts. On the other hand, malwares adopt TLS protocol when accessing to internet, which makes most malware traffic detection methods, such as DPI (Deep Packet Inspection), ineffective. Some literatures use statistical method with extracting the observable data fields exposed in TLS connections to train machine learning classifiers so as to infer whether a traffic flow is malware or not. However, most of them adopt the features based… More >
Login
Register
