Deep Learning-Based Encrypted and Malicious Network Traffic Identification

Abstract
The Internet's explosive growth has resulted in a tenfold increase in network traffic. Because encryption techniques are so common, it is challenging to spot malicious traffic: traditional detection techniques are ineffective when they cannot decrypt encrypted traffic. Instead of breaking the encryption itself, recent work on identifying malicious encrypted traffic has focused on feature extraction and the choice of deep learning techniques. Today's edge node devices are primarily in charge of processing enormous volumes of data, identifying important components of network traffic, and forwarding that data to a cloud server. However, the performance of mobile terminal tools in detecting and classifying encrypted and malicious traffic lags, which leaves open the question of how to identify network traffic more quickly and accurately. We create a convolutional neural network (CNN) model known as 1-D-CNN with hexadecimal data (HexCNN-1D), which combines normalization and attention mechanisms. The attention mechanism's Global-Attention-Block (GAB) and Category-Attention-Block (CAB) modules aid in recognizing and classifying network traffic. By extracting effective load information from hexadecimal network traffic, our algorithm can identify the majority of network traffic types, as well as encrypted and malicious traffic data. During experimental testing, an average accuracy of 98.8% was achieved. The reliability of traffic data recognition in networks could be greatly improved by our approach.
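
As an added illustration (not code from the paper), the sketch below shows one way to turn a hexadecimal packet dump into the normalized, fixed-length vector that a 1-D CNN takes as input. It covers input preparation only. Assumptions: "effective load" is read as the TCP/UDP payload, and the input width `INPUT_LEN`, the byte/255 scaling, the function names and the sample frame are all constructed here, not taken from the paper.

```python
import struct

INPUT_LEN = 32  # assumed input width; the abstract does not state one

# Constructed frame: Ethernet + IPv4 + TCP (port 443) + 9 payload bytes.
SAMPLE_HEX = """
00112233445566778899aabb0800
450000310000400040060000c0000201c6336402
c00001bb00000001000000015018ffff00000000
160303000401020304
"""


def extract_payload(frame: bytes) -> bytes:
    """Return the TCP/UDP payload of an Ethernet/IPv4 frame, else b''."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return b""  # too short, or not IPv4
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ip[0] >> 4 != 4 or ihl < 20:
        return b""
    total_len = struct.unpack("!H", ip[2:4])[0]
    segment = ip[ihl:total_len]  # drops any Ethernet trailer padding
    if ip[9] == 6:  # TCP: header length comes from the data-offset field
        if len(segment) < 20:
            return b""
        offset = (segment[12] >> 4) * 4
        return segment[offset:] if 20 <= offset <= len(segment) else b""
    if ip[9] == 17:  # UDP: fixed 8-byte header
        return segment[8:]
    return b""


def to_model_input(hex_dump: str, length: int = INPUT_LEN) -> list:
    """Hex dump -> payload bytes, truncated/zero-padded, scaled to [0, 1]."""
    payload = extract_payload(bytes.fromhex(hex_dump))[:length]
    return [b / 255.0 for b in payload.ljust(length, b"\x00")]


if __name__ == "__main__":
    print(to_model_input(SAMPLE_HEX)[:12])
```

Header checksums in the constructed frame are zeroed and are not verified; frames that are not IPv4 TCP/UDP yield an all-zero vector.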