With the wide adoption of TLS, malware's use of TLS is also growing fast. However, fine-grained feature selection in existing approaches is too burdensome. To this end, we propose to visualize TLS-encrypted flow metadata as an image for better malware traffic analysis and classification. We discuss its feasibility and show some preliminary classification results with high accuracy.
|Title of host publication||28th IEEE International Conference on Network Protocols, ICNP 2020|
|Publisher||IEEE Computer Society|
|Publication status||Published - 2020 Oct 13|
|Event||28th IEEE International Conference on Network Protocols, ICNP 2020 - Madrid, Spain|
Duration: 2020 Oct 13 → 2020 Oct 16
|Name||Proceedings - International Conference on Network Protocols, ICNP|
|Conference||28th IEEE International Conference on Network Protocols, ICNP 2020|
|Period||20/10/13 → 20/10/16|
Bibliographical noteFunding Information:
ACKNOWLEDGMENT This research was supported by Korea Institute of Science and Technology Information (KISTI). Prof. Heejun Roh is the corresponding author.
© 2020 IEEE.
- Malware Family
- TLS Flow Metadata
- Transport Layer Security (TLS)
ASJC Scopus subject areas
- Computer Networks and Communications