Tongxin xuebao (Feb 2022)

Confirmation method for the detection of malicious encrypted traffic with data privacy protection

  • Gaofeng HE,
  • Qianfeng WEI,
  • Xiancai XIAO,
  • Haiting ZHU,
  • Bingfeng XU

Journal volume & issue
Vol. 43
pp. 156 – 170

Abstract

To address the problem of excessive false positives in machine-learning-based detection of encrypted malicious traffic, secure two-party computation was used to compare character segments between network traffic and intrusion detection rules without revealing the data content. Based on the comparison results, an intrusion detection feature matching algorithm was designed to accurately match keywords. A random verification strategy for users' input was also proposed to facilitate the method. As a result, malicious users could not use arbitrary data to participate in the secure two-party computation and thereby avoid confirmation. The security and resource consumption of the method were theoretically analyzed and verified by a combination of real deployment and simulation experiments. The experimental results show that the proposed method can significantly improve detection performance while consuming few system resources.

Keywords