{"id":"https://openalex.org/W3000027147","doi":"https://doi.org/10.1145/3371676.3371697","title":"SSL Malicious Traffic Detection Based On Multi-view Features","display_name":"SSL Malicious Traffic Detection Based On Multi-view Features","publication_year":2019,"publication_date":"2019-11-15","ids":{"openalex":"https://openalex.org/W3000027147","doi":"https://doi.org/10.1145/3371676.3371697","mag":"3000027147"},"language":"en","primary_location":{"id":"doi:10.1145/3371676.3371697","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3371676.3371697","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 9th International Conference on Communication and Network Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5051590067","display_name":"Rui Dai","orcid":"https://orcid.org/0000-0002-3698-4086"},"institutions":[{"id":"https://openalex.org/I4391767781","display_name":"State Key Laboratory of Software Development Environment","ror":"https://ror.org/017r4dj03","country_code":null,"type":"facility","lineage":["https://openalex.org/I4391767781","https://openalex.org/I82880672"]},{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Rui Dai","raw_affiliation_strings":["State Key Laboratory of Software Development Environment, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Software Development Environment, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102844145","display_name":"Chuan Gao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210087772","display_name":"National Computer Network Emergency Response Technical Team/Coordination Center of Chinar","ror":"https://ror.org/00247dh76","country_code":"CN","type":"nonprofit","lineage":["https://openalex.org/I4210087772"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chuan Gao","raw_affiliation_strings":["National Computer Network Emergency Response Technical Team, Beijing, China"],"affiliations":[{"raw_affiliation_string":"National Computer Network Emergency Response Technical Team, Beijing, China","institution_ids":["https://openalex.org/I4210087772"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100310123","display_name":"Bo Lang","orcid":null},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I4391767781","display_name":"State Key Laboratory of Software Development Environment","ror":"https://ror.org/017r4dj03","country_code":null,"type":"facility","lineage":["https://openalex.org/I4391767781","https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bo Lang","raw_affiliation_strings":["State Key Laboratory of Software Development Environment, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Software Development Environment, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069601403","display_name":"Lixia Yang","orcid":"https://orcid.org/0000-0001-5518-9195"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I4391767781","display_name":"State Key Laboratory of Software Development Environment","ror":"https://ror.org/017r4dj03","country_code":null,"type":"facility","lineage":["https://openalex.org/I4391767781","https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lixia Yang","raw_affiliation_strings":["State Key Laboratory of Software Development Environment, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Software Development Environment, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101853344","display_name":"Hongyu Liu","orcid":"https://orcid.org/0000-0002-5926-3513"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I4391767781","display_name":"State Key Laboratory of Software Development Environment","ror":"https://ror.org/017r4dj03","country_code":null,"type":"facility","lineage":["https://openalex.org/I4391767781","https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hongyu Liu","raw_affiliation_strings":["State Key Laboratory of Software Development Environment, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Software Development Environment, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100623654","display_name":"Shaojie Chen","orcid":"https://orcid.org/0000-0002-1974-6019"},"institutions":[{"id":"https://openalex.org/I4210128818","display_name":"Institute of Software","ror":"https://ror.org/033dfsn42","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210128818"]},{"id":"https://openalex.org/I4391767781","display_name":"State Key Laboratory of Software Development Environment","ror":"https://ror.org/017r4dj03","country_code":null,"type":"facility","lineage":["https://openalex.org/I4391767781","https://openalex.org/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shaojie Chen","raw_affiliation_strings":["State Key Laboratory of Software Development Environment, Beijing, China"],"affiliations":[{"raw_affiliation_string":"State Key Laboratory of Software Development Environment, Beijing, China","institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5051590067"],"corresponding_institution_ids":["https://openalex.org/I4210128818","https://openalex.org/I4391767781"],"apc_list":null,"apc_paid":null,"fwci":1.5402,"has_fulltext":false,"cited_by_count":26,"citation_normalized_percentile":{"value":0.87768512,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"40","last_page":"46"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8190207481384277},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.7934560775756836},{"id":"https://openalex.org/keywords/deep-packet-inspection","display_name":"Deep packet inspection","score":0.7116982936859131},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.6352294683456421},{"id":"https://openalex.org/keywords/handshake","display_name":"Handshake","score":0.6117754578590393},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.6042459011077881},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.5299338698387146},{"id":"https://openalex.org/keywords/transport-layer-security","display_name":"Transport Layer Security","score":0.5264426469802856},{"id":"https://openalex.org/keywords/traffic-classification","display_name":"Traffic classification","score":0.4889789819717407},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4848157465457916},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.47181642055511475},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.45429909229278564},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.43114253878593445},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.4281652271747589},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4164227843284607},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4060939848423004},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.39454376697540283},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.37758731842041016},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.36216121912002563},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.10554468631744385}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8190207481384277},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.7934560775756836},{"id":"https://openalex.org/C204679922","wikidata":"https://www.wikidata.org/wiki/Q734252","display_name":"Deep packet inspection","level":3,"score":0.7116982936859131},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.6352294683456421},{"id":"https://openalex.org/C2778000800","wikidata":"https://www.wikidata.org/wiki/Q830043","display_name":"Handshake","level":3,"score":0.6117754578590393},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.6042459011077881},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.5299338698387146},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.5264426469802856},{"id":"https://openalex.org/C169988225","wikidata":"https://www.wikidata.org/wiki/Q7832484","display_name":"Traffic classification","level":3,"score":0.4889789819717407},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4848157465457916},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.47181642055511475},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.45429909229278564},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.43114253878593445},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.4281652271747589},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4164227843284607},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4060939848423004},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.39454376697540283},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.37758731842041016},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.36216121912002563},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.10554468631744385},{"id":"https://openalex.org/C151319957","wikidata":"https://www.wikidata.org/wiki/Q752739","display_name":"Asynchronous communication","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3371676.3371697","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3371676.3371697","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2019 9th International Conference on Communication and Network Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1528620860","https://openalex.org/W1563088657","https://openalex.org/W1594031697","https://openalex.org/W2073089243","https://openalex.org/W2143201208","https://openalex.org/W2167240430","https://openalex.org/W2273944394","https://openalex.org/W2537766808","https://openalex.org/W2566050683","https://openalex.org/W2607842021","https://openalex.org/W2743556905","https://openalex.org/W2897924986","https://openalex.org/W2911964244","https://openalex.org/W2963065250","https://openalex.org/W3098142495"],"related_works":["https://openalex.org/W4296873577","https://openalex.org/W4295681914","https://openalex.org/W2503991861","https://openalex.org/W2516734788","https://openalex.org/W1971902782","https://openalex.org/W2612638001","https://openalex.org/W2347296673","https://openalex.org/W4319159013","https://openalex.org/W2337566776","https://openalex.org/W1557407300"],"abstract_inverted_index":{"In":[0,52,78],"recent":[1],"years,":[2],"as":[3],"more":[4,6],"and":[5,16,45,107,126],"softwares":[7],"use":[8],"SSL":[9,37,84,104],"encryption":[10],"protocol":[11],"to":[12,29,63,109],"improve":[13],"the":[14,20,36,54,129,152],"security":[15],"integrity":[17],"of":[18,35,69,143],"communications,":[19],"encrypted":[21,64,70],"traffic":[22,38,65,72,86],"is":[23,39,73,146],"growing,":[24],"which":[25,145],"brings":[26],"new":[27],"challenges":[28],"cyber":[30],"attack":[31],"detection.":[32,66],"Since":[33],"most":[34],"unreadable":[40],"ciphertext,":[41],"traditional":[42],"pattern":[43],"recognition":[44],"deep":[46],"packet":[47],"inspection":[48],"are":[49,59],"not":[50,60],"applicable.":[51],"addition,":[53],"current":[55],"machine":[56,117],"learning":[57,118],"methods":[58],"fully":[61],"applicable":[62],"The":[67,133],"detection":[68,87],"malicious":[71,85],"still":[74],"an":[75,83,141],"open":[76],"problem.":[77],"this":[79],"paper,":[80],"we":[81],"propose":[82],"method":[88,94],"based":[89],"on":[90,128,151],"multi-view":[91],"features.":[92],"Our":[93],"comprehensively":[95],"extracts":[96],"features":[97],"from":[98],"multiple":[99],"views,":[100],"including":[101],"flow":[102],"statistics,":[103],"handshake":[105],"field,":[106],"certificate":[108],"retain":[110],"key":[111],"original":[112],"information.":[113],"We":[114],"test":[115],"four":[116],"models,":[119],"i.e.,":[120],"SVM,":[121],"Decision":[122],"Tree,":[123],"Random":[124],"Forest,":[125],"XGBoost":[127,137],"CTU":[130,153],"Malware":[131],"dataset.":[132,154],"results":[134],"show":[135],"that":[136],"performs":[138],"best":[139],"reaching":[140],"accuracy":[142],"97.71%,":[144],"better":[147],"than":[148],"other":[149],"studies":[150]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}