Hybrid Malicious Encrypted Network Traffic Flow Detection Model

Abstract

Encrypted communication technology has evolved as the network, and Internet applications have advanced. Malicious communication, on the other hand, employs encryption to bypass standard detection and security protection. The existing security prevention and detection technologies are unable to identify harmful communication that is encrypted. The growth of artificial intelligence (AI) in these days has enabled to employ machine learning (ML) as well as deep learning approaches to identify encrypted malicious communications without decryption, with remarkably precise detection outcomes. At this moment, research on detecting harmful encrypted traffic is mostly focused on analyzing the features of encrypted data and selecting neural network (NN) techniques. Hybrid ML is proposed in this study by merging two well-performing data mining algorithms with natural language processing tasks. Here, a new traffic flow detection method is performed by the hybrid ML technique. At first, the benchmark data is collected from public sources. The features are extracted using the convolutional layer of deep convolutional neural network (DCNN). Then, the weighted feature extraction is performed by grasshopper optimization algorithm (GOA). Employed the hybrid machine learning-based malicious detection with the “support vector machine (SVM) and neural network (NN)” is utilized in this model to detect the traffic affected by malicious activities, where the hidden neuron count of NN and kernel of SVM are tuning by the same GOA for increasing the accuracy and precision. This research provides findings from experiment, encouraging various researchers to develop the research as future work. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.