Encrypted Malicious Network Traffic Detection Using Machine Learning

Abstract

In recent times, with Covid-19, digital usage has increased due to social distancing. This has demanded an increase in security and privacy. As a result, past methods of detecting malicious traffic are not as effective. With HTTPS and TLS encryption serving as the types of protection, recent malware has been encrypted and disguised as normal traffic. Detecting it therefore requires decryption followed by detection, which is ineffective for immediate detection. Machine learning, a form of artificial intelligence that uses data to learn and improve, can be used to improve detection of malicious traffic. Because the computer does the work, no person needs to sit and monitor the traffic, which increases the speed of detection, decreases expenses and increases accuracy. The goal of this research is to detect encrypted malicious traffic without decrypting the files. Using existing methods of traffic detection, such as Random Forest, neural networks and XGBoost, we hope to further the detection accuracy and effectiveness in this study.

Academic department under which the project should be listed

CCSE - Information Technology

Primary Investigator (PI) Name

Liang Zhao
