Abstract
In recent years, with the widespread application of encryption technology, criminals can hide malicious data without being discovered by security regulatory authorities, which has brought serious challenges to computer forensic investigation. Therefore, it is urgent to study the technology of detection and forensics of encrypted data. This paper proposes a method for encryption detection based on a deep convolutional neural network. The method first converts the raw data into two-dimensional matrixes as the input of the convolutional neural network. Then, the multiscale feature extraction mechanism with multiple activation functions is utilized to provide representative features as the input of subsequent layers. Next, the residual learning operation can further enhance the discrimination of features. By this mean, a network which can automatically extract and learn global contextual information of encrypted data is constructed. The experiment results show that the proposed method achieves high accuracy in the detection of storage file and network transmission data compare to the competitive methods and the detection accuracy on different types of mixed data is higher than 99%. Moreover, the proposed method can accurately detect data encrypted with different algorithms. The average detection rate of DES-encrypted data is higher than that of competitors by more than 5%.
Highlights
With the increasing popularity of the Internet and increasing awareness of privacy protection, encryption technology has been widely used in all aspects of daily life [1]
We propose an efficient end-to-end detection and forensics method based on deep learning called EDNet (Encryption Detection Network)
The contributions of this paper are as follows: 1) The proposed method is the first approach for the detection and forensics of encryption behavior of storage file and network transmission data based on deep learning
Summary
With the increasing popularity of the Internet and increasing awareness of privacy protection, encryption technology has been widely used in all aspects of daily life [1]. The method utilizing deep learning models for detection and forensics of encryption data in storage files and network transmission data has not been proposed yet. We propose an efficient end-to-end detection and forensics method based on deep learning called EDNet (Encryption Detection Network). The contributions of this paper are as follows: 1) The proposed method is the first approach for the detection and forensics of encryption behavior of storage file and network transmission data based on deep learning. It has great reference value for other similar tasks in this field.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
