CLC number: TP181/TP393.0
Document code: A
DOI: 10.16157/j.issn.0258-7998.245979
Chinese citation format: 田睿,張雅勤,董偉,等. 機器學習在惡意加密流量檢測中的應用及研究[J]. 電子技術應用,2025,51(4):1-11.
English citation format: Tian Rui, Zhang Yaqin, Dong Wei, et al. The application and research of machine learning in malicious encrypted traffic detection[J]. Application of Electronic Technique, 2025, 51(4): 1-11.
The application and research of machine learning in malicious encrypted traffic detection
1. The Sixth Research Institute of China Electronics Information Industry Group Corporation Limited; 2. North China Research Institute of Computer System Engineering
Abstract: With the widespread use of encrypted communication, malicious attackers increasingly exploit encrypted traffic to conceal their activities, posing challenges to traditional signature-based and rule-based detection methods. Machine learning provides a novel solution for detecting malicious encrypted traffic. This paper reviews the applications of supervised learning, unsupervised learning, deep learning, and ensemble learning in this domain. Supervised learning identifies known attacks using labeled data, while unsupervised learning uncovers new attack patterns in unlabeled data. Deep learning enhances feature extraction capabilities in large-scale data environments, and ensemble learning strengthens system robustness through model fusion. The findings indicate that machine learning significantly improves the accuracy of malicious behavior detection, particularly in complex feature extraction and the identification of new attack patterns.