The rapid growth in Internet usage and advancements in network technologies have escalated the risk of network attacks. As the adoption of encryption protocols increases, so does the difficulty of identifying malware within encrypted traffic. Malware represents a significant danger in cyberspace, as it compromises personal data and harms computer systems. Network attacks involve unauthorized access to networks, often aiming to disrupt or damage them, with potentially severe consequences. To counter these threats, researchers, developers, and security experts are constantly developing new malware detection techniques. Recently, deep learning has gained traction in network security and intrusion detection systems (IDSs), with models such as Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) showing promise in detecting malicious traffic. Despite these advancements, extracting relevant features from diverse malware types remains a challenge. Current solutions demand substantial computational resources and are often inefficient for large datasets. Additionally, existing image-based feature extraction methods consume significant resources. This study tackles these issues by employing a 1D CNN alongside LSTM for the detection and classification of encrypted malicious traffic. Using the Malware Analysis benchmark dataset, which consists of 42,797 malware and 1,079 goodware API call sequences, the proposed model achieved an accuracy of 99.2%, surpassing other state-of-the-art models.