{"id":"https://openalex.org/W2912856897","doi":"https://doi.org/10.1109/tvt.2019.2894290","title":"A Heuristic Statistical Testing Based Approach for Encrypted Network Traffic Identification","display_name":"A Heuristic Statistical Testing Based Approach for Encrypted Network Traffic Identification","publication_year":2019,"publication_date":"2019-01-22","ids":{"openalex":"https://openalex.org/W2912856897","doi":"https://doi.org/10.1109/tvt.2019.2894290","mag":"2912856897"},"language":"en","primary_location":{"id":"doi:10.1109/tvt.2019.2894290","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tvt.2019.2894290","pdf_url":null,"source":{"id":"https://openalex.org/S10936095","display_name":"IEEE Transactions on Vehicular Technology","issn_l":"0018-9545","issn":["0018-9545","1939-9359"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Vehicular Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029715489","display_name":"Weina Niu","orcid":"https://orcid.org/0000-0002-3235-3463"},"institutions":[{"id":"https://openalex.org/I24185976","display_name":"Sichuan University","ror":"https://ror.org/011ashp19","country_code":"CN","type":"education","lineage":["https://openalex.org/I24185976"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Weina Niu","raw_affiliation_strings":["College of Cybersecurity, Sichuan University, Chengdu, China"],"affiliations":[{"raw_affiliation_string":"College of Cybersecurity, Sichuan University, Chengdu, China","institution_ids":["https://openalex.org/I24185976"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047181418","display_name":"Zhongliu Zhuo","orcid":"https://orcid.org/0000-0002-0404-6765"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhongliu Zhuo","raw_affiliation_strings":["Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China"],"affiliations":[{"raw_affiliation_string":"Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100780268","display_name":"Xiaosong Zhang","orcid":"https://orcid.org/0000-0001-9886-1412"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaosong Zhang","raw_affiliation_strings":["Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China"],"affiliations":[{"raw_affiliation_string":"Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060514022","display_name":"Xiaojiang Du","orcid":"https://orcid.org/0000-0003-4235-9671"},"institutions":[{"id":"https://openalex.org/I84392919","display_name":"Temple University","ror":"https://ror.org/00kx1jb78","country_code":"US","type":"education","lineage":["https://openalex.org/I84392919"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaojiang Du","raw_affiliation_strings":["Department of Computer and Information Sciences, Temple University, Philadelphia, PA, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer and Information Sciences, Temple University, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I84392919"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012354366","display_name":"Guowu Yang","orcid":"https://orcid.org/0000-0002-5133-0320"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guowu Yang","raw_affiliation_strings":["Big Data Research Center, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China"],"affiliations":[{"raw_affiliation_string":"Big Data Research Center, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5057916222","display_name":"Mohsen Guizani","orcid":"https://orcid.org/0000-0002-8972-8094"},"institutions":[{"id":"https://openalex.org/I60342839","display_name":"Qatar University","ror":"https://ror.org/00yhnba62","country_code":"QA","type":"education","lineage":["https://openalex.org/I60342839"]}],"countries":["QA"],"is_corresponding":false,"raw_author_name":"Mohsen Guizani","raw_affiliation_strings":["College of Engineering, Qatar University, Doha 2713, Qatar"],"affiliations":[{"raw_affiliation_string":"College of Engineering, Qatar University, Doha 2713, Qatar","institution_ids":["https://openalex.org/I60342839"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5029715489"],"corresponding_institution_ids":["https://openalex.org/I24185976"],"apc_list":null,"apc_paid":null,"fwci":3.1795,"has_fulltext":false,"cited_by_count":35,"citation_normalized_percentile":{"value":0.93489605,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"68","issue":"4","first_page":"3843","last_page":"3853"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/handshake","display_name":"Handshake","score":0.8182305693626404},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.7266889810562134},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7086597084999084},{"id":"https://openalex.org/keywords/payload","display_name":"Payload (computing)","score":0.6073197722434998},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4920210540294647},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.46284908056259155},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4528277516365051},{"id":"https://openalex.org/keywords/traffic-classification","display_name":"Traffic classification","score":0.4474214017391205},{"id":"https://openalex.org/keywords/heuristic","display_name":"Heuristic","score":0.4449135661125183},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.4275187849998474},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.41762539744377136},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.4122757017612457},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3958364427089691},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.2970117926597595},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.22696292400360107},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.1908685863018036},{"id":"https://openalex.org/keywords/asynchronous-communication","display_name":"Asynchronous communication","score":0.09906801581382751}],"concepts":[{"id":"https://openalex.org/C2778000800","wikidata":"https://www.wikidata.org/wiki/Q830043","display_name":"Handshake","level":3,"score":0.8182305693626404},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.7266889810562134},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7086597084999084},{"id":"https://openalex.org/C134066672","wikidata":"https://www.wikidata.org/wiki/Q1424639","display_name":"Payload (computing)","level":3,"score":0.6073197722434998},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4920210540294647},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.46284908056259155},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4528277516365051},{"id":"https://openalex.org/C169988225","wikidata":"https://www.wikidata.org/wiki/Q7832484","display_name":"Traffic classification","level":3,"score":0.4474214017391205},{"id":"https://openalex.org/C173801870","wikidata":"https://www.wikidata.org/wiki/Q201413","display_name":"Heuristic","level":2,"score":0.4449135661125183},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.4275187849998474},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.41762539744377136},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.4122757017612457},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3958364427089691},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.2970117926597595},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.22696292400360107},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.1908685863018036},{"id":"https://openalex.org/C151319957","wikidata":"https://www.wikidata.org/wiki/Q752739","display_name":"Asynchronous communication","level":2,"score":0.09906801581382751},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tvt.2019.2894290","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tvt.2019.2894290","pdf_url":null,"source":{"id":"https://openalex.org/S10936095","display_name":"IEEE Transactions on Vehicular Technology","issn_l":"0018-9545","issn":["0018-9545","1939-9359"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Vehicular Technology","raw_type":"journal-article"},{"id":"pmh:oai:qspace.qu.edu.qa:10576/14052","is_oa":false,"landing_page_url":"http://hdl.handle.net/10576/14052","pdf_url":null,"source":{"id":"https://openalex.org/S4306400014","display_name":"Qatar University QSpace (Qatar University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I60342839","host_organization_name":"Qatar University","host_organization_lineage":["https://openalex.org/I60342839"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5600000023841858,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G6248607417","display_name":null,"funder_award_id":"61572115","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W25360022","https://openalex.org/W126709651","https://openalex.org/W158006909","https://openalex.org/W172257391","https://openalex.org/W576517958","https://openalex.org/W1472561848","https://openalex.org/W1517403092","https://openalex.org/W1553465615","https://openalex.org/W1667023885","https://openalex.org/W1752315353","https://openalex.org/W1963898916","https://openalex.org/W1972721567","https://openalex.org/W2000756828","https://openalex.org/W2025482752","https://openalex.org/W2025905409","https://openalex.org/W2080765376","https://openalex.org/W2096674597","https://openalex.org/W2098260898","https://openalex.org/W2103604224","https://openalex.org/W2114337635","https://openalex.org/W2125492197","https://openalex.org/W2140679274","https://openalex.org/W2144098589","https://openalex.org/W2144256483","https://openalex.org/W2158215699","https://openalex.org/W2170018742","https://openalex.org/W2179036394","https://openalex.org/W2460736843","https://openalex.org/W2465142808","https://openalex.org/W2517389839","https://openalex.org/W2601560571","https://openalex.org/W2743402300","https://openalex.org/W2789985949","https://openalex.org/W2805949242","https://openalex.org/W2962742271","https://openalex.org/W3198310217","https://openalex.org/W4243494487","https://openalex.org/W6601067974","https://openalex.org/W6616521753","https://openalex.org/W6628715580","https://openalex.org/W6656550275","https://openalex.org/W6719054786","https://openalex.org/W6800733230","https://openalex.org/W6825343983"],"related_works":["https://openalex.org/W2358991869","https://openalex.org/W2540871598","https://openalex.org/W2289378658","https://openalex.org/W1531360494","https://openalex.org/W2093529019","https://openalex.org/W1982325601","https://openalex.org/W4240432851","https://openalex.org/W154233216","https://openalex.org/W2626486901","https://openalex.org/W1988007309"],"abstract_inverted_index":{"In":[0,65],"recent":[1],"years,":[2],"malware":[3],"with":[4,129,196],"strong":[5],"concealment":[6],"uses":[7,141],"encrypted":[8,14,29,60],"protocol":[9,35],"to":[10,21,48,87,98,106,120],"evade":[11],"detection.":[12],"Thus,":[13],"traffic":[15,61,139],"identification":[16,131,202],"can":[17],"help":[18],"security":[19],"analysts":[20],"be":[22],"more":[23],"effective":[24],"in":[25],"narrowing":[26],"down":[27],"those":[28],"network":[30],"traffic.":[31,211],"Existing":[32],"methods":[33],"are":[34,46],"independent,":[36],"such":[37],"as":[38],"statistical-based":[39],"and":[40,51,80,83,146,163,208],"machine-learning-based":[41,52],"approaches.":[42,165],"Statistical-based":[43],"approaches,":[44],"however,":[45],"confined":[47],"payload":[49,101],"length":[50],"approaches":[53,132],"have":[54],"a":[55,70,113,134],"low":[56],"recognition":[57],"rate":[58],"for":[59,103,177,204],"using":[62],"undisclosed":[63],"protocols.":[64,150,180],"this":[66],"paper,":[67],"we":[68,182],"proposed":[69,112],"heuristic":[71],"statistical":[72],"testing":[73,135],"(HST)":[74],"approach":[75,128],"that":[76,140,154,169,194],"combines":[77],"both":[78],"statistics":[79],"machine":[81,104],"learning":[82,105],"has":[84,199],"been":[85],"proved":[86],"alleviate":[88],"their":[89],"respective":[90],"deficiencies.":[91],"We":[92,110,125,166],"manually":[93],"selected":[94],"four":[95],"randomness":[96],"tests":[97],"extract":[99],"small":[100],"features":[102],"improve":[107],"real-time":[108],"performances.":[109],"also":[111,167,183],"simple":[114],"handshake":[115,171],"skipping":[116,172],"method":[117,173],"called":[118],"HST-R":[119,155],"increase":[121],"the":[122,200],"classification":[123,189],"accuracy.":[124],"compared":[126],"our":[127,170,197],"other":[130,159],"on":[133],"dataset":[136],"consisting":[137],"of":[138],"two":[142,144],"known,":[143],"undisclosed,":[145],"one":[147],"custom":[148],"cryptographic":[149,179],"Experimental":[151],"results":[152,192],"showed":[153,168,193],"performs":[156],"better":[157,176],"than":[158],"traditional":[160],"coding-based,":[161],"entropy-based,":[162],"ML-based":[164],"could":[174],"generalize":[175],"unknown":[178],"Finally,":[181],"conducted":[184],"experimental":[185],"comparisons":[186],"among":[187],"different":[188],"algorithms.":[190],"The":[191],"C4.5,":[195],"method,":[198],"highest":[201],"accuracy":[203],"secure":[205,209],"sockets":[206],"layer":[207],"shell":[210]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":7},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":2}],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2025-10-10T00:00:00"}