Malware traffic classification using convolutional neural network for representation learning

@article{Wang2017MalwareTC,
  title={Malware traffic classification using convolutional neural network for representation learning},
  author={Wei Wang and Ming Zhu and Xuewen Zeng and Xiaozhou Ye and Yiqiang Sheng},
  journal={2017 International Conference on Information Networking (ICOIN)},
  year={2017},
  pages={712-717}
}
Traffic classification is the first step for network anomaly detection or network-based intrusion detection systems and plays an important role in the network security domain. In this paper we first presented a new taxonomy of traffic classification from an artificial intelligence perspective, and then proposed a malware traffic classification method using a convolutional neural network by taking traffic data as images. This method needed no hand-designed features but directly took raw traffic as…

Extracted Numerical Results

  • Across the twelve comparisons, the recall of session using all layers is slightly lower (0.24%) than that of flow using all layers; the other eleven comparisons show the following pattern: the precision, recall and f1 value of traffic class with all layers were all higher than with only the L7 layer, and the precision, recall and f1 value of traffic class using session were all higher than using flow.
  • Because the accuracy of the binary classifier is 100%, there is no need to show the precision, recall and f1 value of the binary classifier.
  • Table V shows that the precision, recall and f1 value of Neris and Virus traffic are a bit lower (90% ~ 96%), but the other 18 classes of traffic all achieve very high precision, recall and f1 value (higher than 99%).
