Poster: Feasibility of Malware Traffic Analysis through TLS-Encrypted Flow Visualization

Dongeon Kim, Jihun Han, Jinwoo Lee, Heejun Roh, Wonjun Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

With the wide adoption of TLS, malware's use of TLS is also growing fast. However, fine-grained feature selection in existing approaches is too burdensome. To this end, we propose to visualize TLS-encrypted flow metadata as an image for better malware traffic analysis and classification. We discuss its feasibility and show some preliminary classification results with high accuracy.

Original language: English
Title of host publication: 28th IEEE International Conference on Network Protocols, ICNP 2020
Publisher: IEEE Computer Society
ISBN (Electronic): 9781728169927
Publication status: Published - 2020 Oct 13
Event: 28th IEEE International Conference on Network Protocols, ICNP 2020 - Madrid, Spain
Duration: 2020 Oct 13 to 2020 Oct 16

Publication series

Name: Proceedings - International Conference on Network Protocols, ICNP
Volume: 2020-October
ISSN (Print): 1092-1648

Conference

Conference: 28th IEEE International Conference on Network Protocols, ICNP 2020
Country: Spain
City: Madrid
Period: 20/10/13 to 20/10/16

Keywords

  • Malware
  • Malware Family
  • TLS Flow Metadata
  • Transport Layer Security (TLS)
  • Visualization

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
