Acknowledgement
본 논문은 2023년도 정부(과학기술정보통신부)의 재원으로 정보통신기획평가원의 지원을 받아 수행된 연구임[No. RS-2023-00235509, ICT융합 공공 서비스·인프라의 암호화 사이버위협에 대한 네트워크 행위기반 보안관제기술 개발].
References
- Google, HTTPS encryption on the web, Google Transparency Report, 2023. 4., https://transparencyreport.google.com/https/overview?hl=kr
- M. Shen et al., "Machine learning-powered encrypted network traffic analysis: A comprehensive survey," IEEE Commun. Surv. Tutor., vol. 25, no. 1, 2023.
- D. Desai, "2020: The State of Encrypted Attacks. Zscaler," Retrieved Feb. 24, 2021, https://www.zscaler.com/blogs/security-research/2020-state-encrypted-attacks
- https://www.tcpdump.org/
- IETF RFC 8446, The Transport Layer Security(TLS) Protocol Version 1.3, Aug. 2018, https://www.ietf.org/rfc/rfc8446.txt
- P. Sirinam et al., "Deep fingerprinting: Undermining website fingerprinting defenses with deep learning," in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., (Toronto, Canada), Oct. 2018, pp. 1928-1943.
- M. Shen et al., "Accurate decentralized application identification via encrypted traffic analysis using graph neural networks," IEEE Trans. Inf. Forensics Secur., vol. 16, 2021, pp. 2367-2380. https://doi.org/10.1109/TIFS.2021.3050608
- T. Shapira and Y. Shavitt, "FlowPic: A generic representation for encrypted traffic classification and applications identification," IEEE Trans. Netw. Service Manag., vol. 18, no. 2, 2021, pp. 1218-1232. https://doi.org/10.1109/TNSM.2021.3071441
- 김홍비, 이태진, "정보보호 분야의 XAI 기술 동향," 정보보호학회지, 제31권 제5호, 2021.
- J. Lever, "Classification evaluation," Nature Methods, vol. 13, no. 8, 2016, pp. 603-604. https://doi.org/10.1038/nmeth.3945
- G. Stergiopoulos et al., "Automatic detection of various malicious traffic using side channel features on TCP packets," Computer Security, Springer, Cham, Switzerland, 2018, pp. 346-362.
- CTU-13 dataset, CTU University, Czech Republic, 2011, https://mcfp.felk.cvut.cz/publicDatasets/CTUMalware-Capture-Botnet-1/
- First.org, Hands-on Network Forensics-Training PCAP dataset from FIRST 2015, www.first.org/assets/conf2015/networkforensicsvirtualbox.zip
- Milicenso, Ponmocup Malware dataset, Update 2012-10-07, http://security-research.dyndns.org/pub/botnet/ponmocup/analysis2012-10-05/analysis.txt (Accessed 1 Jan. 2018)
- X. Qin, T. Xu, and C. Wang, "DDoS attack detection using flow entropy and clustering technique," in Proc. Int. Conf. Comput. Intell. Secur. (CIS), (Shenzhen, China), 2015, pp. 412-415.
- M. Zolotukhin et al., "Data mining approach for detection of DDoS attacks utilizing SSL/TLS protocol," Internet of Things, Smart Spaces, and Next Generation Networks and Systems, Springer, Cham, Switzerland, 2015, pp. 274-285.
- Y. Zeng et al., "Deep-full-range: A deep learning based network encrypted traffic classification and intrusion detection framework," IEEE Access, vol. 7, 2019, pp. 45182-45190. https://doi.org/10.1109/ACCESS.2019.2908225
- M. Zolotukhin et al., "Increasing web service availability by detecting application-layer DDoS attacks in encrypted traffic," in Proc. IEEE 23rd Int. Conf. Telecommun. (ICT), (Thessaloniki, Greece), May 2016, pp. 1-6.
- J. David et al., "DDoS attack detection using fast entropy approach on flow-based network traffic," Procedia Comput. Sci., vol. 50, 2015, pp. 30-36. https://doi.org/10.1016/j.procs.2015.04.007
- S. Garg, S.K. Peddoju, and A.K. Sarje, "Network-based detection of Android malicious apps," Int. J. Inf. Secur. vol. 16, no. 4, 2017, pp. 385-400. https://doi.org/10.1007/s10207-016-0343-z
- T. Gu et al., "IoTGaze: IoT security enforcement via wireless context analysis," in Proc. IEEE INFOCOM Conf. Comput. Commun., (Toronto, Canada), Jul. 2020, pp. 884-893.
- J. Feng et al., "A two-layer deep learning method for Android malware detection using network traffic," IEEE Access, vol. 8, 2020, pp. 125786-125796. https://doi.org/10.1109/ACCESS.2020.3008081
- P. Prasse et al., "Malware detection by analysing network traffic with neural networks," in Proc. IEEE SPW, (San Jose, CA, USA), May 2017, pp. 205-210.
- S.B. Banihashem and E. Aktharkavan, "Encrypted network traffic classification using deep learning method," in Proc. Int. Conf. Web Res. (ICWR), (Tehran, Iran), May 2022.