Real time malware detection in encrypted network traffic using machine learning with time based features

Abstract

With the increasing amount of Internet users, malware attacks are also growing. The purpose of malicious authors creating malware is to attack, damage, or impair electronic devices. In recent times, malware authors are also using HTTPs traffic; therefore, detecting malware in HTTPs traffic is intriguing since network traffic is enciphered. As the network traffic is enciphered, it is an arduous job to identify benign and malicious traffic. It also poses a significant challenge for firewalls and anti-malware software. Hence, it is essential to monitor the network traffic for detecting malware and threats in this way that maintains the encryption integrity. In this paper, a machine learning based model was proposed, which can effectively and efficiently detect malware without deciphering the network traffic. The prime objective of the research work is to apply several of ML techniques to detect malware in real-time utilizing time-based features. The proposed methodology can classify malware attacks in less than one second, achieving an accuracy of 99% on the Central Processing Unit (CPU) and Graphics Processing Unit (GPU) platform, which is sufficient for detecting malware in real-time.