Accurate Encrypted Malicious Traffic Identification via Traffic Interaction Pattern Using Graph Convolutional Network

Telecommuting and telelearning have gradually become mainstream lifestyles in the post-epidemic era. The extensive interconnection of massive terminals gives attackers more opportunities, which brings significant challenges to network traffic security analysis. existing attacks, often using encryption technology distributed attack methods, increase number complexity attacks. However, traditional methods need analysis encrypted malicious interaction patterns cannot explore potential correlations a macroscopic comprehensive manner. Anyway, changes caused by attacks also further study. Therefore, achieve accurate effective identification it is essential comprehensively describe portray relations with appearance We propose method for classifying based on attribute graph, named G-TIAG. At first, G-TIAG studies describes construction rule graphs selects attributive features nodes each graph. Then, uses convolutional graph GRU self-attention classify benign data different Our approach achieved best classification results, 89% accuracy F1-Score, 88% recall, respectively, publicly available datasets. improvement about 7% compared machine learning results 6% deep finally successfully