Abstract
With the wide adoption of TLS, malware's use of TLS is also growing fast. However, fine-grained feature selection in existing approaches is too burdensome. To this end, we propose to visualize TLS-encrypted flow metadata as an image for better malware traffic analysis and classification. We discuss its feasibility and show some preliminary classification results with high accuracy.
Original language | English |
---|---|
Title of host publication | 28th IEEE International Conference on Network Protocols, ICNP 2020 |
Publisher | IEEE Computer Society |
ISBN (Electronic) | 9781728169927 |
DOIs | |
Publication status | Published - 2020 Oct 13 |
Event | 28th IEEE International Conference on Network Protocols, ICNP 2020 - Madrid, Spain Duration: 2020 Oct 13 → 2020 Oct 16 |
Publication series
Name | Proceedings - International Conference on Network Protocols, ICNP |
---|---|
Volume | 2020-October |
ISSN (Print) | 1092-1648 |
Conference
Conference | 28th IEEE International Conference on Network Protocols, ICNP 2020 |
---|---|
Country/Territory | Spain |
City | Madrid |
Period | 20/10/13 → 20/10/16 |
Bibliographical note
Funding Information:ACKNOWLEDGMENT This research was supported by Korea Institute of Science and Technology Information (KISTI). Prof. Heejun Roh is the corresponding author.
Publisher Copyright:
© 2020 IEEE.
Keywords
- Mal-ware
- Malware Family
- TLS Flow Metadata
- Transport Layer Security (TLS)
- Visualization
ASJC Scopus subject areas
- Computer Networks and Communications
- Software