{"id":"https://openalex.org/W3118111094","doi":"https://doi.org/10.1145/3428363.3428365","title":"Machine Learning Based Malware Detection on Encrypted Traffic: A Comprehensive Performance Study","display_name":"Machine Learning Based Malware Detection on Encrypted Traffic: A Comprehensive Performance Study","publication_year":2020,"publication_date":"2020-12-22","ids":{"openalex":"https://openalex.org/W3118111094","doi":"https://doi.org/10.1145/3428363.3428365","mag":"3118111094"},"language":"en","primary_location":{"id":"doi:10.1145/3428363.3428365","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3428363.3428365","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"7th International Conference on Networking, Systems and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048859921","display_name":"Onur Barut","orcid":"https://orcid.org/0000-0002-0599-1515"},"institutions":[{"id":"https://openalex.org/I133738476","display_name":"University of Massachusetts Lowell","ror":"https://ror.org/03hamhx47","country_code":"US","type":"education","lineage":["https://openalex.org/I133738476"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Onur Barut","raw_affiliation_strings":["University of Massachusetts Lowell, USA"],"affiliations":[{"raw_affiliation_string":"University of Massachusetts Lowell, USA","institution_ids":["https://openalex.org/I133738476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069826478","display_name":"Matthew Grohotolski","orcid":null},"institutions":[{"id":"https://openalex.org/I35429941","display_name":"Elizabethtown College","ror":"https://ror.org/01y0mgq54","country_code":"US","type":"education","lineage":["https://openalex.org/I35429941"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Matthew Grohotolski","raw_affiliation_strings":["Elizabethtown College, USA"],"affiliations":[{"raw_affiliation_string":"Elizabethtown College, USA","institution_ids":["https://openalex.org/I35429941"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006934440","display_name":"Connor DiLeo","orcid":null},"institutions":[{"id":"https://openalex.org/I35429941","display_name":"Elizabethtown College","ror":"https://ror.org/01y0mgq54","country_code":"US","type":"education","lineage":["https://openalex.org/I35429941"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Connor DiLeo","raw_affiliation_strings":["Elizabethtown College, USA"],"affiliations":[{"raw_affiliation_string":"Elizabethtown College, USA","institution_ids":["https://openalex.org/I35429941"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003621523","display_name":"Yan Luo","orcid":"https://orcid.org/0000-0002-5301-5092"},"institutions":[{"id":"https://openalex.org/I133738476","display_name":"University of Massachusetts Lowell","ror":"https://ror.org/03hamhx47","country_code":"US","type":"education","lineage":["https://openalex.org/I133738476"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yan Luo","raw_affiliation_strings":["University of Massachusetts Lowell, USA"],"affiliations":[{"raw_affiliation_string":"University of Massachusetts Lowell, USA","institution_ids":["https://openalex.org/I133738476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101732107","display_name":"Peilong Li","orcid":"https://orcid.org/0000-0002-1622-0214"},"institutions":[{"id":"https://openalex.org/I35429941","display_name":"Elizabethtown College","ror":"https://ror.org/01y0mgq54","country_code":"US","type":"education","lineage":["https://openalex.org/I35429941"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Peilong Li","raw_affiliation_strings":["Elizabethtown College, USA"],"affiliations":[{"raw_affiliation_string":"Elizabethtown College, USA","institution_ids":["https://openalex.org/I35429941"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100378792","display_name":"Tong Zhang","orcid":"https://orcid.org/0000-0002-5511-2558"},"institutions":[{"id":"https://openalex.org/I1343180700","display_name":"Intel (United States)","ror":"https://ror.org/01ek73717","country_code":"US","type":"company","lineage":["https://openalex.org/I1343180700"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tong Zhang","raw_affiliation_strings":["Intel Corporation, USA"],"affiliations":[{"raw_affiliation_string":"Intel Corporation, USA","institution_ids":["https://openalex.org/I1343180700"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5048859921"],"corresponding_institution_ids":["https://openalex.org/I133738476"],"apc_list":null,"apc_paid":null,"fwci":1.0792,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.80141332,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"45","last_page":"55"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8551864624023438},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8277180194854736},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.7874442338943481},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5496578216552734},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5129110813140869},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.46369659900665283},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.46283483505249023},{"id":"https://openalex.org/keywords/throughput","display_name":"Throughput","score":0.4547097980976105},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.39287468791007996},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2908799648284912},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2303425669670105}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8551864624023438},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8277180194854736},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.7874442338943481},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5496578216552734},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5129110813140869},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.46369659900665283},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.46283483505249023},{"id":"https://openalex.org/C157764524","wikidata":"https://www.wikidata.org/wiki/Q1383412","display_name":"Throughput","level":3,"score":0.4547097980976105},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.39287468791007996},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2908799648284912},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2303425669670105},{"id":"https://openalex.org/C555944384","wikidata":"https://www.wikidata.org/wiki/Q249","display_name":"Wireless","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3428363.3428365","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3428363.3428365","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"7th International Conference on Networking, Systems and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W1971342071","https://openalex.org/W2042495914","https://openalex.org/W2100537916","https://openalex.org/W2150755264","https://openalex.org/W2156223899","https://openalex.org/W2337720802","https://openalex.org/W2591712613","https://openalex.org/W2599600800","https://openalex.org/W2762776925","https://openalex.org/W2771399008","https://openalex.org/W2789828921","https://openalex.org/W2793758704","https://openalex.org/W2807319534","https://openalex.org/W2892460540","https://openalex.org/W2963065250","https://openalex.org/W3008535060","https://openalex.org/W3009091629","https://openalex.org/W4299133070","https://openalex.org/W4321488714"],"related_works":["https://openalex.org/W2770234245","https://openalex.org/W2097492617","https://openalex.org/W96612179","https://openalex.org/W2753240997","https://openalex.org/W2566006169","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2987774938","https://openalex.org/W2740895074","https://openalex.org/W2772446090"],"abstract_inverted_index":{"The":[0],"increasing":[1],"volume":[2],"of":[3,27,51,76,92,111,137],"encrypted":[4,62],"network":[5],"traffic":[6],"yields":[7],"a":[8,45,49,129],"clutter":[9],"for":[10],"hackers":[11],"to":[12,15,60,71,85,145],"use":[13],"encryption":[14],"spread":[16],"their":[17,87],"malicious":[18],"software":[19],"on":[20,31,48,64,131],"the":[21,25,32,73,77,100,109,112,124,132,138],"network.":[22],"We":[23,43],"study":[24,47],"problem":[26],"detecting":[28],"TLS-encrypted":[29],"malware":[30,63,66],"client":[33],"side":[34],"using":[35,115],"metadata":[36],"and":[37,56,94,102,121,134,142],"TLS":[38],"protocol":[39],"related":[40],"flow":[41],"features.":[42],"conduct":[44,82],"comprehensive":[46,83],"set":[50],"widely":[52],"used":[53],"machine":[54,139],"learning":[55,58,140],"deep":[57],"algorithms":[59],"detect":[61],"two":[65],"flows":[67],"datasets.":[68],"In":[69],"addition":[70],"reporting":[72],"classification":[74],"accuracy":[75],"approaches":[78],"under":[79],"study,":[80],"we":[81,106,127],"experiments":[84],"quantify":[86],"run-time":[88,135],"performance":[89,136],"in":[90],"terms":[91],"throughput":[93],"system":[95],"resource":[96],"utilization":[97],"such":[98,118],"as":[99,119],"CPU":[101],"RAM":[103],"utilization.":[104],"Moreover,":[105],"further":[107],"boost":[108],"speed":[110],"detection":[113],"systems":[114],"acceleration":[116],"libraries":[117],"DAAL":[120],"OpenVINO.":[122],"Through":[123],"quantitative":[125],"analysis,":[126],"provide":[128],"comparison":[130],"effectiveness":[133],"models,":[141],"evaluate":[143],"techniques":[144],"accelerate":[146],"real-world":[147],"deployment.":[148]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}