{"id":"https://openalex.org/W4412906867","doi":"https://doi.org/10.1093/comjnl/bxaf093","title":"Detecting encrypted malicious traffic with HEAT: a header-focused deep learning approach","display_name":"Detecting encrypted malicious traffic with HEAT: a header-focused deep learning approach","publication_year":2025,"publication_date":"2025-07-14","ids":{"openalex":"https://openalex.org/W4412906867","doi":"https://doi.org/10.1093/comjnl/bxaf093"},"language":"en","primary_location":{"id":"doi:10.1093/comjnl/bxaf093","is_oa":false,"landing_page_url":"https://doi.org/10.1093/comjnl/bxaf093","pdf_url":null,"source":{"id":"https://openalex.org/S44643521","display_name":"The Computer Journal","issn_l":"0010-4620","issn":["0010-4620","1460-2067"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The Computer Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042192654","display_name":"Ernest Akpaku","orcid":"https://orcid.org/0000-0003-2540-3861"},"institutions":[{"id":"https://openalex.org/I115592961","display_name":"Jiangsu University","ror":"https://ror.org/03jc41j30","country_code":"CN","type":"education","lineage":["https://openalex.org/I115592961"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ernest Akpaku","raw_affiliation_strings":["School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","School of Computer Science and Communication Engineering, Jiangsu University, 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0003-2540-3861","affiliations":[{"raw_affiliation_string":"School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","institution_ids":["https://openalex.org/I115592961"]},{"raw_affiliation_string":"School of Computer Science and Communication Engineering, Jiangsu University, 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu, China","institution_ids":["https://openalex.org/I115592961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063671391","display_name":"Jinfu Chen","orcid":"https://orcid.org/0000-0002-3124-5452"},"institutions":[{"id":"https://openalex.org/I115592961","display_name":"Jiangsu University","ror":"https://ror.org/03jc41j30","country_code":"CN","type":"education","lineage":["https://openalex.org/I115592961"]},{"id":"https://openalex.org/I4210096899","display_name":"Jiangsu University of Science and Technology","ror":"https://ror.org/00tyjp878","country_code":"CN","type":"education","lineage":["https://openalex.org/I4210096899"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jinfu Chen","raw_affiliation_strings":["Jiangsu Key Laboratory of Security Technology for Industrial Cyberspace, Jiangsu University , 301 Xuefu Road, Zhenjiang, 212013, Jiangsu ,","School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","Jiangsu Key Laboratory of Security Technology for Industrial Cyberspace, Jiangsu University, 301 Xuefu Road, Zhenjiang, 212013, Jiangsu, China"],"raw_orcid":"https://orcid.org/0000-0002-3124-5452","affiliations":[{"raw_affiliation_string":"Jiangsu Key Laboratory of Security Technology for Industrial Cyberspace, Jiangsu University , 301 Xuefu Road, Zhenjiang, 212013, Jiangsu ,","institution_ids":["https://openalex.org/I115592961","https://openalex.org/I4210096899"]},{"raw_affiliation_string":"School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","institution_ids":["https://openalex.org/I115592961"]},{"raw_affiliation_string":"Jiangsu Key Laboratory of Security Technology for Industrial Cyberspace, Jiangsu University, 301 Xuefu Road, Zhenjiang, 212013, Jiangsu, China","institution_ids":["https://openalex.org/I115592961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008799702","display_name":"Mukhtar Ahmed","orcid":"https://orcid.org/0009-0000-0167-5593"},"institutions":[{"id":"https://openalex.org/I115592961","display_name":"Jiangsu University","ror":"https://ror.org/03jc41j30","country_code":"CN","type":"education","lineage":["https://openalex.org/I115592961"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mukhtar Ahmed","raw_affiliation_strings":["School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","School of Computer Science and Communication Engineering, Jiangsu University, 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu, China"],"raw_orcid":"https://orcid.org/0009-0000-0167-5593","affiliations":[{"raw_affiliation_string":"School of Computer Science and Communication Engineering, Jiangsu University , 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu ,","institution_ids":["https://openalex.org/I115592961"]},{"raw_affiliation_string":"School of Computer Science and Communication Engineering, Jiangsu University, 301 Xuefu Road, Jingkou District, Zhenjiang 212013, Jiangsu, China","institution_ids":["https://openalex.org/I115592961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056504562","display_name":"William Leslie Brown\u2010Acquaye","orcid":"https://orcid.org/0000-0001-9679-5976"},"institutions":[{"id":"https://openalex.org/I898088062","display_name":"Ghana Communication Technology University","ror":"https://ror.org/05hvkkr89","country_code":"GH","type":"education","lineage":["https://openalex.org/I898088062"]}],"countries":["GH"],"is_corresponding":false,"raw_author_name":"William Leslie Brown-Acquaye","raw_affiliation_strings":["Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana"],"raw_orcid":"https://orcid.org/0000-0001-9679-5976","affiliations":[{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","institution_ids":["https://openalex.org/I898088062"]},{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana","institution_ids":["https://openalex.org/I898088062"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009468977","display_name":"Francis Kwadzo Agbenyegah","orcid":"https://orcid.org/0000-0003-0569-2985"},"institutions":[{"id":"https://openalex.org/I898088062","display_name":"Ghana Communication Technology University","ror":"https://ror.org/05hvkkr89","country_code":"GH","type":"education","lineage":["https://openalex.org/I898088062"]}],"countries":["GH"],"is_corresponding":false,"raw_author_name":"Francis Kwadzo Agbenyegah","raw_affiliation_strings":["Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana"],"raw_orcid":"https://orcid.org/0000-0003-0569-2985","affiliations":[{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","institution_ids":["https://openalex.org/I898088062"]},{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana","institution_ids":["https://openalex.org/I898088062"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050920580","display_name":"Rexford Nii Ayitey Sosu","orcid":"https://orcid.org/0000-0001-5527-5114"},"institutions":[{"id":"https://openalex.org/I898088062","display_name":"Ghana Communication Technology University","ror":"https://ror.org/05hvkkr89","country_code":"GH","type":"education","lineage":["https://openalex.org/I898088062"]}],"countries":["GH"],"is_corresponding":false,"raw_author_name":"Rexford Nii Ayitey Sosu","raw_affiliation_strings":["Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana"],"raw_orcid":"https://orcid.org/0000-0001-5527-5114","affiliations":[{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University , Tesano, PMB 100, Accra ,","institution_ids":["https://openalex.org/I898088062"]},{"raw_affiliation_string":"Department of Information Technology, Ghana Communication Technology University, Tesano, PMB 100, Accra, Ghana","institution_ids":["https://openalex.org/I898088062"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5063671391"],"corresponding_institution_ids":["https://openalex.org/I115592961","https://openalex.org/I4210096899"],"apc_list":{"value":2635,"currency":"GBP","value_usd":3232},"apc_paid":null,"fwci":1.6573,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.87301016,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":97},"biblio":{"volume":"68","issue":"12","first_page":"2031","last_page":"2058"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9750999808311462,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/header","display_name":"Header","score":0.9015217423439026},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6632545590400696},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6506847143173218},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46434861421585083},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.36707353591918945},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.2641586661338806}],"concepts":[{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.9015217423439026},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6632545590400696},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6506847143173218},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46434861421585083},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.36707353591918945},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2641586661338806}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1093/comjnl/bxaf093","is_oa":false,"landing_page_url":"https://doi.org/10.1093/comjnl/bxaf093","pdf_url":null,"source":{"id":"https://openalex.org/S44643521","display_name":"The Computer Journal","issn_l":"0010-4620","issn":["0010-4620","1460-2067"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The Computer Journal","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G565499716","display_name":null,"funder_award_id":"2023T160275","funder_id":"https://openalex.org/F4320321543","funder_display_name":"China Postdoctoral Science Foundation"},{"id":"https://openalex.org/G5747080351","display_name":null,"funder_award_id":"62202206","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6369611365","display_name":null,"funder_award_id":"62172194","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6541628742","display_name":null,"funder_award_id":"U183 6116","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6747370699","display_name":null,"funder_award_id":"BK20220515","funder_id":"https://openalex.org/F4320322769","funder_display_name":"Natural Science Foundation of Jiangsu Province"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321543","display_name":"China Postdoctoral Science Foundation","ror":"https://ror.org/0426zh255"},{"id":"https://openalex.org/F4320322769","display_name":"Natural Science Foundation of Jiangsu Province","ror":"https://ror.org/01h0zpd94"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W1526710119","https://openalex.org/W2031163547","https://openalex.org/W2087263043","https://openalex.org/W2250539671","https://openalex.org/W2560647685","https://openalex.org/W2775103799","https://openalex.org/W2789828921","https://openalex.org/W2890507837","https://openalex.org/W3104103161","https://openalex.org/W3113177135","https://openalex.org/W3121886859","https://openalex.org/W3127995079","https://openalex.org/W3154284926","https://openalex.org/W3209546907","https://openalex.org/W4206912047","https://openalex.org/W4226033273","https://openalex.org/W4226086312","https://openalex.org/W4283219983","https://openalex.org/W4292387419","https://openalex.org/W4296231012","https://openalex.org/W4312893735","https://openalex.org/W4313654696","https://openalex.org/W4318773647","https://openalex.org/W4321019788","https://openalex.org/W4322619229","https://openalex.org/W4323362877","https://openalex.org/W4365149876","https://openalex.org/W4379054627","https://openalex.org/W4383373423","https://openalex.org/W4384518610","https://openalex.org/W4385636980","https://openalex.org/W4387108014","https://openalex.org/W4387491243","https://openalex.org/W4388312375","https://openalex.org/W4390880528","https://openalex.org/W4392939489","https://openalex.org/W4396821501","https://openalex.org/W4398150616","https://openalex.org/W4399555917","https://openalex.org/W4399728220","https://openalex.org/W4399817467","https://openalex.org/W4402005644","https://openalex.org/W4408304291","https://openalex.org/W4409405938","https://openalex.org/W6787995345","https://openalex.org/W6867176674"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2171597999","https://openalex.org/W2189136227","https://openalex.org/W1866537546","https://openalex.org/W630850086","https://openalex.org/W3200508093","https://openalex.org/W4372053344","https://openalex.org/W3193978431"],"abstract_inverted_index":{"Abstract":[0],"The":[1],"widespread":[2],"adoption":[3],"of":[4,87],"encryption":[5],"in":[6,175],"network":[7],"traffic":[8,23,67,196],"significantly":[9,149],"challenges":[10],"traditional":[11],"detection":[12,159],"methods":[13],"that":[14,54,82],"rely":[15],"on":[16,115,131,138,146],"payload":[17],"analysis.":[18,68],"Existing":[19],"approaches":[20],"often":[21],"convert":[22],"into":[24],"images":[25],"or":[26],"sequences":[27],"for":[28,48,65,109,193],"deep":[29],"learning":[30],"models,":[31],"producing":[32],"redundant":[33],"features":[34],"and":[35,102,118,128,135,140,153,184,190],"struggling":[36],"with":[37,76,99,143,166,173],"multi-protocol":[38],"environments.":[39],"In":[40],"this":[41],"study,":[42],"we":[43],"propose":[44],"HEAT":[45,69,92,148],"(Header-Embedded":[46],"Attention":[47],"Traffic":[49],"Detection),":[50],"a":[51,61,71,77,168,188],"novel":[52,78],"model":[53,108],"leverages":[55],"packet":[56],"header":[57,88],"fields":[58],"to":[59],"develop":[60],"robust":[62,191],"characteristic":[63],"representation":[64,86],"encrypted":[66,194],"introduces":[70],"hierarchical":[72],"attention":[73],"mechanism":[74],"combined":[75],"contextual":[79],"embedding":[80],"technique":[81],"enhances":[83],"the":[84,107],"semantic":[85],"field":[89],"values.":[90],"Additionally,":[91],"integrates":[93],"an":[94],"adapted":[95],"Kolmogorov\u2013Arnold":[96],"Network":[97],"classifier":[98],"B-spline":[100],"activations":[101],"L1":[103],"weight":[104],"regularization,":[105],"optimizing":[106],"efficient":[110],"real-time":[111],"processing.":[112],"Extensive":[113],"evaluations":[114],"CICIDS-2018,":[116,132],"Stratosphere,":[117,139],"ISCX2012":[119],"datasets":[120],"demonstrate":[121],"HEAT\u2019s":[122,181],"superior":[123],"performance,":[124],"achieving":[125],"98.95%":[126,162],"accuracy":[127,134,142,160],"98.28%":[129],"F1-score":[130,137,145,170],"99.5%":[133],"98.54%":[136],"99.75%":[141],"99.25%":[144],"ISCX2012.":[147],"outperforms":[150],"CNN,":[151],"LSTM,":[152],"BiGRU":[154],"baselines.":[155],"Moreover,":[156],"it":[157,187],"maintains":[158],"above":[161],"during":[163],"incremental":[164],"learning,":[165],"only":[167],"0.9%":[169],"drop,":[171],"compared":[172],"6.55%":[174],"conventional":[176],"models.":[177],"These":[178],"results":[179],"highlight":[180],"novelty,":[182],"stability,":[183],"adaptability,":[185],"making":[186],"scalable":[189],"solution":[192],"malicious":[195],"detection.":[197]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-06-23T06:36:01.041984","created_date":"2025-10-10T00:00:00"}
