Low-Quality Training Data Only? A Robust Framework for Detecting Encrypted Malicious Network Traffic

Yuqi Qing

Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Network Detection

The proliferation of encrypted network traffic, while vital for privacy and security, has created a significant blind spot for traditional intrusion detection systems. Malicious actors increasingly leverage encryption to obfuscate their activities, making the detection of malware-generated traffic a critical challenge. Compounding this issue is the inherent difficulty in collecting high-quality training data for machine learning models designed to identify such threats. This talk, presented by Yuqi Qing at the NDSS Symposium, introduces RAPIER, a novel and robust framework specifically engineered to overcome the twin problems of limited and noisy training data in the context of encrypted malicious network traffic detection.
