Abstract
With the wide adoption of TLS, malware's use of TLS is also growing fast. However, fine-grained feature selection in existing approaches is too burdensome. To this end, we propose to visualize TLS-encrypted flow metadata as an image for better malware traffic analysis and classification. We discuss its feasibility and show some preliminary classification results with high accuracy.
| Original language | English |
|---|---|
| Title of host publication | 28th IEEE International Conference on Network Protocols, ICNP 2020 |
| Publisher | IEEE Computer Society |
| ISBN (Electronic) | 9781728169927 |
| DOIs | |
| Publication status | Published - 2020 Oct 13 |
| Event | 28th IEEE International Conference on Network Protocols, ICNP 2020 - Madrid, Spain Duration: 2020 Oct 13 → 2020 Oct 16 |
Publication series
| Name | Proceedings - International Conference on Network Protocols, ICNP |
|---|---|
| Volume | 2020-October |
| ISSN (Print) | 1092-1648 |
Conference
| Conference | 28th IEEE International Conference on Network Protocols, ICNP 2020 |
|---|---|
| Country/Territory | Spain |
| City | Madrid |
| Period | 20/10/13 → 20/10/16 |
Bibliographical note
Funding Information:ACKNOWLEDGMENT This research was supported by Korea Institute of Science and Technology Information (KISTI). Prof. Heejun Roh is the corresponding author.
Publisher Copyright:
© 2020 IEEE.
Keywords
- Mal-ware
- Malware Family
- TLS Flow Metadata
- Transport Layer Security (TLS)
- Visualization
ASJC Scopus subject areas
- Computer Networks and Communications
- Software