Published December 19, 2022 | Version v1
Journal article Open

A few approaches in Encrypted Malware Classifications

  • 1. School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China

Description

The classification of malware traffic is a critical component of network intrusion detection systems. Because of the recent surge in traffic encryption, it is no longer possible to categorize malware traffic using port-based or signature-based methods. Nowadays, academics and industry developers are turning to learning-based systems that mine statistical patterns of traffic behavior to categorize encrypted malware traffic.

Machine learning has been increasingly researched for the detection of malicious network traffic during the last few decades; it is particularly tempting when the traffic is encrypted, as traditional pattern-matching algorithms are ineffective. Several approaches for traffic classification problems have recently been researched with excellent accuracy thanks to the advent of deep learning algorithms. In this research, I will investigate the efficacy of Random Forest, Logistic Regression, and Convolutional Neural Networks for classification tasks.

Files

5 (11) 226-236.pdf (515.6 kB)
md5:0c30acba6dd47836ed9a4cbe64296c7c