Poster: Feasibility of Malware Traffic Analysis through TLS-Encrypted Flow Visualization

Dongeon Kim, Jihun Han, Jinwoo Lee, Heejun Roh, Wonjun Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

With the wide adoption of TLS, malware's use of TLS is also growing fast. However, fine-grained feature selection in existing approaches is too burdensome. To this end, we propose to visualize TLS-encrypted flow metadata as an image for better malware traffic analysis and classification. We discuss its feasibility and show some preliminary classification results with high accuracy.

Original language: English
Title of host publication: 28th IEEE International Conference on Network Protocols, ICNP 2020
Publisher: IEEE Computer Society
ISBN (Electronic): 9781728169927
Publication status: Published - 2020 Oct 13
Event: 28th IEEE International Conference on Network Protocols, ICNP 2020 - Madrid, Spain
Duration: 2020 Oct 13 → 2020 Oct 16

Publication series

Name: Proceedings - International Conference on Network Protocols, ICNP
Volume: 2020-October
ISSN (Print): 1092-1648

Conference

Conference: 28th IEEE International Conference on Network Protocols, ICNP 2020
Country/Territory: Spain
City: Madrid
Period: 20/10/13 → 20/10/16

Bibliographical note

Funding Information:
Acknowledgment: This research was supported by Korea Institute of Science and Technology Information (KISTI). Prof. Heejun Roh is the corresponding author.

Publisher Copyright:
© 2020 IEEE.

Keywords

  • Malware
  • Malware Family
  • TLS Flow Metadata
  • Transport Layer Security (TLS)
  • Visualization

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
