Title
Machine Learning Based Malware Detection on Encrypted Traffic: A Comprehensive Performance Study
Document Type
Conference Proceeding
Publication Title
ACM International Conference Proceeding Series
Publication Date
12-22-2020
Abstract
The increasing volume of encrypted network traffic yields a clutter for hackers to use encryption to spread their malicious software on the network. We study the problem of detecting TLS-encrypted malware on the client side using metadata and TLS-protocol-related flow features. We conduct a comprehensive study on a set of widely used machine learning and deep learning algorithms to detect encrypted malware on two malware flow datasets. In addition to reporting the classification accuracy of the approaches under study, we conduct comprehensive experiments to quantify their run-time performance in terms of throughput and system resource utilization, such as CPU and RAM utilization. Moreover, we further boost the speed of the detection systems using acceleration libraries such as DAAL and OpenVINO. Through the quantitative analysis, we provide a comparison of the effectiveness and run-time performance of the machine learning models, and evaluate techniques to accelerate real-world deployment.
First Page
47
Last Page
55
DOI
10.1145/3428363.3428365
ISBN
9781450389051
Recommended Citation
Barut, Onur; Grohotolski, Matthew; Dileo, Connor; Luo, Yan; Li, Peilong; and Zhang, Tong, "Machine Learning Based Malware Detection on Encrypted Traffic: A Comprehensive Performance Study" (2020). Faculty Publications. 835.
https://jayscholar.etown.edu/facpubharvest/835