Malicious Encrypted Traffic Detection Method Based on Data Classification
In order to improve the detection accuracy of malicious encrypted traffic,a detection strategy based on data classification is proposed to address the problems of insufficient feature extraction and poor discrimination in conventional detection methods.First,the K-means method is used to classify the traffic data,and then the deep learning model combining convolutional neural network with bidirectional gated recurrent unit(CNN-Bi GRU)is used to enhance the extraction ability of key features by optimizing the convolution position.This method can capture the spatial and temporal features of traffic data at the same time,and achieve the binary detection of malicious encrypted traffic.Experimental results indicate that compared with single deep learning models such as CNN,LSTM and conventional machine learning models such as SVM and logistic regression,the proposed method has improved precision,recall and F1 score,with an accuracy rate of 96.78%.
cyber securityencrypted malicious trafficfeature selectiondeep learningclustering model
NETL
NSTL
万方数据
