[1] CISCO.Encrypted traffic analytics white paper[EB/OL]. 2020-05-07].https://www.cisco.com/c/dam/en/us/solutios/collateral/enterprise-networks/enterprise-network-security/nb-09-encryted-traf-anlytcs-wp-cte-en.pdf. [2] 陈良臣, 高曙, 刘宝旭, 等.网络加密流量研究进展及发展趋势[J].信息安全网络, 2019, 19(3):19-25. CHEN L C, GAO S, LIU B X, et al.Research status and development trends on network encrypted traffic identification[J].Netinfo Security, 2019, 19(3):19-25.(in Chinese) [3] 徐国天.基于异常加密流量标注的Android恶意进程识别方法研究[J].信息安全网络, 2020, 20(7):30-41. XU G T.Android malicious process identification method based on abnormal encrypted traffic annotation[J].Netinfo Security, 2020, 20(7):30-41.(in Chinese) [4] ANISH S, SHEKHA W, FABIO D, et al.Feature analysis of encrypted malicious traffic[J].Expert Systems with applications, 2019, 125:130-141. [5] WANG W, ZHU M, WANG J, et al.End-to-end encrypted traffic classification with one-dimensional convolution neural networks[C]//Proceedings of 2017 IEEE International Conference on Intelligence and Security Informatics.Washington D.C., USA:IEEE Press, 2017:43-52. [6] ZOU Z, GE J G, ZHENG H B, et al.Encrypted traffic classification with a convolutional long short-term memory neural network[C]//Proceedings of 2018 IEEE International Conference on High Performance Computing and Communications.Washington D.C., USA:IEEE Press, 2018:329-334. [7] 吴迪, 方滨兴, 崔翔, 等.BotCatcher:基于深度学习的僵尸网络检测系统[J].通信学报, 2018, 39(8):18-28. WU D, FANG B X, CUI X, et al.BotCatcher:botnet detection system based on deep learning[J].Journal on Communications, 2018, 39(8):18-28.(in Chinese) [8] ANDERSON B, PAUL S, MCGREW D.Deciphering malware's user of TLS (without decryption)[J].Journal of Computer Virology and Hacking Techniques, 2018, 14(3):195-211. [9] 胡斌, 周志洪, 姚立红, 等.结合报文负载与流指纹特征的TLS恶意流量检测[J].计算机工程, 2020, 46(11):157-163. HU B, ZHOU Z H, YAO L H, et al.TLS malicious traffic detection combining features of packet payload and stream fingerprint[J].Computer Engineering, 2020, 46(11):157-163.(in Chinese) [10] SCHUPPEN S, TEUBERT D, HERRMANN P, et al.FANCI:feature-based automated nxdomain classifica- tion and intelligence[C]//Proceedings of the 27th USENIX Conference on Security Symposium.New York, USA:ACM Press, 2018:1165-1181. [11] WANG W, ZHU M, ZENG X, et al.Malware traffic classification using convolutional neural network for repressentation learning[C]//Proceedings of 2017 International Conference on Information Networking.Washington D.C., USA:IEEE Press, 2017:712-717. [12] 程华, 谢金鑫, 陈立皇.基于CNN的加密C&C通信流量识别方法[J].计算机工程, 2019, 45(8):31-34, 41. CHENG H, XIE J X, CHEN L H.CNN-based encrypted C&C communication traffic identification method[J].Computer Engineering, 2019, 45(8):31-34, 41.(in Chinese) [13] 邹源, 张甲, 江滨.基于LSTM循环神经网络的恶意加密流量检测[J].计算机应用与软件, 2020, 37(2):308-312. ZOU Y, ZHANG J, JIANG B.Detection of malicious encrypted traffic based on LSTM recurrent neural network[J].Computer Applications and Software, 2020, 37(2):308-312.(in Chinese) [14] CONSTANTINOS P, FRAN C, VASILIOS K.Encrypted and covert DNS queries for botnets:challenges and counter measures[EB/OL].[2020-01-17].https://www.researchgate.net/publication/335854377_Encrypted_and_Covert_DNS_Queries_for_Botnets_Challenges_and_Countermeasures. [15] WANG W, SHENG Y, WANG J, et al.HAST-IDS:learning hierarchical spatial-temporal features using deep neural networks to Improve Intrusion Detection[J].IEEE Access, 2018, 6:1792-1806. [16] 刘洋, 赵科军, 葛连升, 等.一种基于深度学习的快速DGA域名分类算法[J].山东大学学报(理学版), 2019, 54(7):1-8. LIU Y, ZHAO K J, GE L S, et al.A fast DGA domain detection algorithm based on deep learning[J].Journal of Shang dong University(Natural Science), 2019, 54(7):1-8.(in Chinese) [17] LI S, LI W, COOK C, et al.Independently Recurrent Neural Network (indRNN):building a longer and deeper RNN[C]//Proceedings of IEEE Conference on Computer Vision and Pattern Recognition.Washington D.C., USA:IEEE Press, 2018:5457-5466. [18] YU Z P, LIU G S.Sliced recurrent ceural networks[C]//Proceedings of the 27th International Conference on Computational Linguistics.Washington D.C., USA:IEEE Press, 2018:59-69. [19] STRATOSPHERE L.Malware capture facility project[EB/OL].[2020-01-17].https://www.stratosphereips.org/datasets-malware/normal. [20] BRAD A.Malware traffic analysis[EB/OL].[2020-01-17].https://www.malware-traffic-analysis.net. |