[1] Cisco.2018 annual cybersecurity report:the evolution of malware and rise of artificial intelligence[EB/OL].[2019-06-22].https://www.cisco.com/c/en/us/products/security/security-reports.html. [2] Cisco.Cisco encrypted traffic analytics white paper[EB/OL].[2019-06-22].https://www.cisco.com/c/en/us/solutions/enterprise-networks/enterprise-network-security/eta.html. [3] CHEN Qingming,ZHU Shaohui.Considerations on the network security censor of industrial control systems[J].Information Security and Communications Privacy,2018(6):59-67.(in Chinese)陈清明,朱少辉.关于工业控制系统网络安全审查工作的思考[J].信息安全与通信保密,2018(6):59-67. [4] ANDERSON B,PAUL S,MCGREW D.Deciphering malware's use of TLS(without decryption)[J].Journal of Computer Virology and Hacking Techniques,2018,14(3):195-211. [5] ANDERSON B,MCGREW D.Identifying encrypted malware traffic with contextual flow data[C]//Proceedings of 2016 ACM Workshop on Artificial Intelligence and Security.New York,USA:ACM Press,2016:35-46. [6] WANG Wei,ZHU Ming,ZENG Xuewen,et al.Malware traffic classification using convolutional neural network for representation learning[C]//Proceedings of 2017 International Conference on Information Networking.Washington D.C.,USA:IEEE Press,2017:712-717. [7] PRASSE P,MACHLICA L,PEVNY T,et al.Malware detection by analyzing network traffic with neural networks[C]//Proceedings of 2017 IEEE Security and Privacy Workshops.Washington D.C.,USA:IEEE Press,2017:205-210. [8] YI Ping,GUAN Yuxiang,ZOU Futai,et al.Web phishing detection using a deep learning framework[EB/OL].[2019-06-22].https://www.onacademic.com/detail/journal_1000040890343210_3788.html. [9] Aqniu.A report to understand the first inspection engine for encrypted traffic in China[EB/OL].[2019-06-22].https://www.aqniu.com/tools-tech/45207.html.(in Chinese) Aqniu.一篇报告了解国内首个针对加密流量的检测引擎[EB/OL].[2019-06-22].https://www.aqniu.com/tools-tech/45207.html. [10] CHEN Liangchen,GAO Shu,LIU Baoxu,et al.Research status and development trends on network encrypted traffic identification[J].Netinfo Security,2019,19(3):25-31.(in Chinese)陈良臣,高曙,刘宝旭,等.网络加密流量识别研究进展及发展趋势[J].信息网络安全,2019,19(3):25-31. [11] CTU.Malware capture facility project[EB/OL].[2019-06-22].https://mcfp.weebly.com/the-ctu-13-dataset-a-labeled-dataset-with-botnet-normal-and-background-traffic.html. [12] Alexa.Website ranking[EB/OL].[2019-06-22].https://www.alexa.com. [13] ANDERSON B,MCGREW D.Machine learning for encrypted malware traffic classification[C]//Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.New York,USA:ACM Press,2017:1723-1732. [14] ZHOU Zhihong,YAO Lihong,LI Jianhua,et al.Classification of Botnet families based on features self-learning under network traffic censorship[C]//Proceedings of the 3rd International Conference on Security of Smart Cities,Industrial Control System and Communications.Washington D.C.,USA:IEEE Press,2018:1-7. [15] WANG Pan,CHEN Xuejiao.SAE-based encrypted traffic identification method[J].Computer Engineering,2018,44(11):140-147,153.(in Chinese)王攀,陈雪娇.基于堆栈式自动编码器的加密流量识别方法[J].计算机工程,2018,44(11):140-147,153. [16] ALTHOUSE J,ATKINSON J,ATKINS J.JA3[EB/OL].[2019-06-22].https://github.com/salesforce/ja3. [17] BAGARIA S,BALAJI R,BINDHUMADHAVA B S.Detecting malignant TLS servers using machine learning techniques[EB/OL].[2019-06-22].https://arxiv.org/abs/1705.09044. [18] ZHAO D,TRAORE I,SAYED B,et al.Botnet detection based on traffic behavior analysis and flow intervals[J].Computers & Security,2013,39:2-16. [19] REZAEI S,LIU X.Deep learning for encrypted traffic classification:an overview[J].IEEE Communications Magazine,2019,57(5):76-81. [20] NGUYEN T T T,ARMITAGE G.A survey of techniques for Internet traffic classification using machine learning[J].IEEE Communications Surveys & Tutorials,2008,10(4):56-76. [21] ZANDER S,NGUYEN T,ARMITAGE G.Automated traffic classification and application identification using machine learning[C]//Proceedings of IEEE Conference on Local Computer Networks.Washington D.C.,USA:IEEE Press,2005:1-10. [22] CHEN Wei,HU Lei,YANG Long.Fast identification method of encrypted traffic based on payload signatures[J].Computer Engineering,2012,38(12):22-25.(in Chinese)陈伟,胡磊,杨龙.基于载荷特征的加密流量快速识别方法[J].计算机工程,2012,38(12):22-25. [23] PAN Wubin,CHENG Guang,GUO Xiaojun,et al.Review and perspective on encrypted traffic identification research[J].Journal on Communications,2016,37(9):154-167.(in Chinese)潘吴斌,程光,郭晓军,等.网络加密流量识别研究综述及展望[J].通信学报,2016,37(9):154-167. |