{"id":"https://openalex.org/W4411551383","doi":"https://doi.org/10.1109/cscwd64889.2025.11033261","title":"DeepBytes: Hierarchical Features Fusion with Deep Byte Feature for Malicious Traffic Detection","display_name":"DeepBytes: Hierarchical Features Fusion with Deep Byte Feature for Malicious Traffic Detection","publication_year":2025,"publication_date":"2025-05-05","ids":{"openalex":"https://openalex.org/W4411551383","doi":"https://doi.org/10.1109/cscwd64889.2025.11033261"},"language":"en","primary_location":{"id":"doi:10.1109/cscwd64889.2025.11033261","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cscwd64889.2025.11033261","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 28th International Conference on Computer Supported Cooperative Work in Design (CSCWD)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102963736","display_name":"Y. A. Han","orcid":"https://orcid.org/0000-0002-2384-130X"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yinglong Han","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100342517","display_name":"Haiyang Li","orcid":"https://orcid.org/0000-0002-6658-4745"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haiyang Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077031590","display_name":"Feng Guo","orcid":"https://orcid.org/0000-0001-7035-4806"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Feng Guo","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053423921","display_name":"Yixin Zhang","orcid":"https://orcid.org/0009-0002-2845-1818"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yixin Zhang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016681175","display_name":"Junjie Hu","orcid":"https://orcid.org/0000-0003-4712-2243"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junjie Hu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033243530","display_name":"Zhiqiang Lv","orcid":"https://orcid.org/0000-0002-3071-160X"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiqiang Lv","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences,Beijing,China,100085","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5102963736"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18532819,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2551","last_page":"2556"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/byte","display_name":"Byte","score":0.8229138255119324},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.776578426361084},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5050049424171448},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4762556552886963},{"id":"https://openalex.org/keywords/fusion","display_name":"Fusion","score":0.41918373107910156},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.3758467435836792},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09784892201423645}],"concepts":[{"id":"https://openalex.org/C43364308","wikidata":"https://www.wikidata.org/wiki/Q8799","display_name":"Byte","level":2,"score":0.8229138255119324},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.776578426361084},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5050049424171448},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4762556552886963},{"id":"https://openalex.org/C158525013","wikidata":"https://www.wikidata.org/wiki/Q2593739","display_name":"Fusion","level":2,"score":0.41918373107910156},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3758467435836792},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09784892201423645},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cscwd64889.2025.11033261","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cscwd64889.2025.11033261","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 28th International Conference on Computer Supported Cooperative Work in Design (CSCWD)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W2031163547","https://openalex.org/W2099940443","https://openalex.org/W2282377910","https://openalex.org/W2313731608","https://openalex.org/W2789828921","https://openalex.org/W2840169530","https://openalex.org/W2885812677","https://openalex.org/W2900293028","https://openalex.org/W2970405700","https://openalex.org/W2980115220","https://openalex.org/W3005641848","https://openalex.org/W3009091629","https://openalex.org/W3009422166","https://openalex.org/W3181348665","https://openalex.org/W4200347975","https://openalex.org/W4206518223","https://openalex.org/W4321461629","https://openalex.org/W4328028306","https://openalex.org/W4385245566","https://openalex.org/W4387846563","https://openalex.org/W4396723284","https://openalex.org/W6861769942"],"related_works":["https://openalex.org/W3042604642","https://openalex.org/W4242642347","https://openalex.org/W121858127","https://openalex.org/W2775143306","https://openalex.org/W4289329995","https://openalex.org/W2373574911","https://openalex.org/W2046727832","https://openalex.org/W4247895841","https://openalex.org/W2033914206","https://openalex.org/W2042327336"],"abstract_inverted_index":{"Malicious":[0],"traffic":[1,36,57,66,76,80,116,121],"detection":[2,58,141],"is":[3,122],"a":[4,45,54],"critical":[5],"means":[6],"to":[7,33,97],"detect":[8,173],"network":[9,18,96],"attacks,":[10],"and":[11,70,72,87,107,124,135,143,152,170],"plays":[12],"an":[13],"essential":[14],"role":[15],"in":[16,44],"ensuring":[17],"security.":[19],"However,":[20],"most":[21],"existing":[22],"methods":[23],"only":[24],"focus":[25],"on":[26,132],"single":[27],"feature":[28,39,68,85],"or":[29],"statistical":[30],"feature,":[31,101],"failing":[32],"comprehensively":[34],"learn":[35],"information.":[37],"Moreover,":[38],"extraction":[40,69,86],"remains":[41],"superficial,":[42],"resulting":[43],"lack":[46],"of":[47,64,146],"important":[48],"details.":[49],"Thus,":[50],"this":[51],"paper":[52],"proposes":[53],"novel":[55],"malicious":[56,123],"method,":[59],"named":[60],"\u201cDeepBytes\u201d,":[61],"which":[62],"consists":[63],"original":[65,75],"vectorization,":[67],"fusion,":[71],"classification.":[73],"The":[74,115,159],"vectorization":[77],"converts":[78],"the":[79,84,93,111,120,133,140,156],"into":[81],"vectors.":[82],"In":[83],"fusion":[88],"phase,":[89],"we":[90],"first":[91],"use":[92],"proposed":[94,112,148],"CB-ResNet":[95],"extract":[98],"deep":[99],"byte":[100],"then":[102],"effectively":[103],"fuse":[104],"flow,":[105],"packet,":[106],"byte-level":[108],"features":[109],"through":[110],"multi-attention":[113],"algorithm.":[114],"classification":[117],"identifies":[118],"whether":[119],"determines":[125],"its":[126],"specific":[127],"type.":[128],"Extensive":[129],"experimental":[130],"results":[131,160],"ISCXIDS2012":[134],"CICIDS2017":[136],"datasets":[137],"indicate":[138],"that":[139,163],"performance":[142],"false":[144],"alarm":[145],"our":[147,164],"method":[149,165],"achieve":[150],"99.96%":[151],"0.01":[153],"%,":[154],"outperforming":[155],"state-of-the-art":[157],"methods.":[158],"also":[161],"demonstrate":[162],"has":[166],"excellent":[167],"generalization":[168],"capability":[169],"can":[171],"accurately":[172],"unknown":[174],"attacks.":[175]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}