{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T16:04:24Z","timestamp":1743005064984,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":26,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819615476"},{"type":"electronic","value":"9789819615483"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-1548-3_8","type":"book-chapter","created":{"date-parts":[[2025,2,16]],"date-time":"2025-02-16T09:15:07Z","timestamp":1739697307000},"page":"111-126","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Behavior-Driven Encrypted Malware Detection with\u00a0Robust Traffic Representation"],"prefix":"10.1007","author":[{"given":"Peng","family":"Yin","sequence":"first","affiliation":[]},{"given":"Jizhe","family":"Jia","sequence":"additional","affiliation":[]},{"given":"Jing","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Yukai","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Meng","family":"Shen","sequence":"additional","affiliation":[]},{"given":"Liehuang","family":"Zhu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,2,17]]},"reference":[{"key":"8_CR1","unstructured":"Rescorla, E.: SSL and TLS: Designing and Building Secure Systems, vol.\u00a01. Addison-Wesley, Reading (2001)"},{"issue":"1","key":"8_CR2","doi-asserted-by":"publisher","first-page":"791","DOI":"10.1109\/COMST.2022.3208196","volume":"25","author":"M Shen","year":"2023","unstructured":"Shen, M., et al.: Machine learning-powered encrypted network traffic analysis: a comprehensive survey. IEEE Commun. Surv. Tutorials 25(1), 791\u2013824 (2023)","journal-title":"IEEE Commun. Surv. Tutorials"},{"key":"8_CR3","unstructured":"WatchGuard\u2019s Threat Lab Analyzes the Latest Malware and Internet Attacks (2023). https:\/\/www.watchguard.com\/wgrd-resource-center\/security-report-q3-2023. Accessed 19 May 2023"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Identifying encrypted malware traffic with contextual flow data. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, pp. 35\u201346(2016)","DOI":"10.1145\/2996758.2996768"},{"key":"8_CR5","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1016\/j.jnca.2018.12.014","volume":"133","author":"S Wang","year":"2019","unstructured":"Wang, S., Chen, Z., Yan, Q., Yang, B., Peng, L., Jia, Z.: A mobile malware detection method using behavior features in network traffic. J. Netw. Comput. Appl. 133, 15\u201325 (2019)","journal-title":"J. Netw. Comput. Appl."},{"issue":"8","key":"8_CR6","doi-asserted-by":"publisher","first-page":"1830","DOI":"10.1109\/TIFS.2017.2692682","volume":"12","author":"M Shen","year":"2017","unstructured":"Shen, M., Wei, M., Zhu, L., Wang, M.: Classification of encrypted traffic with second-order Markov chains and application attribute bigrams. IEEE Trans. Inf. Forensics Secur. 12(8), 1830\u20131843 (2017)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Rahmat, S., Niyaz, Q., Mathur, A., Sun, W., Javaid, A.Y.: Network traffic-based hybrid malware detection for smartphone and traditional networked systems. In: 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), pp. 0322\u20130328. IEEE (2019)","DOI":"10.1109\/UEMCON47517.2019.8992934"},{"key":"8_CR8","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108297","volume":"197","author":"Y Fang","year":"2021","unstructured":"Fang, Y., Li, K., Zheng, R., Liao, S., Wang, Y.: A communication-channel-based method for detecting deeply camouflaged malicious traffic. Comput. Netw. 197, 108297 (2021)","journal-title":"Comput. Netw."},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. arxiv 2018. arXiv preprint arXiv:1802.09089 (2018)","DOI":"10.14722\/ndss.2018.23204"},{"key":"8_CR10","doi-asserted-by":"crossref","unstructured":"Yu, T., Zou, F., Li, L., Yi, P.: An encrypted malicious traffic detection system based on neural network. In: 2019 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), pp. 62\u201370. IEEE (2019)","DOI":"10.1109\/CyberC.2019.00020"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: Fs-net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 1171\u20131179. IEEE (2019)","DOI":"10.1109\/INFOCOM.2019.8737507"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Shen, M., Gao, Z., Zhu, L., Xu, K.: Efficient fine-grained website fingerprinting via encrypted traffic analysis with deep learning. In: 2021 IEEE\/ACM 29th International Symposium on Quality of Service (IWQOS), pp. 1\u201310 (2021)","DOI":"10.1109\/IWQOS52092.2021.9521272"},{"key":"8_CR13","doi-asserted-by":"publisher","first-page":"3540","DOI":"10.1109\/TIFS.2020.2991876","volume":"15","author":"X Congyuan","year":"2020","unstructured":"Congyuan, X., Shen, J., Xin, D.: A method of few-shot network intrusion detection based on meta-learning framework. IEEE Trans. Inf. Forensics Secur. 15, 3540\u20133552 (2020)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"8_CR14","doi-asserted-by":"publisher","first-page":"2367","DOI":"10.1109\/TIFS.2021.3050608","volume":"16","author":"M Shen","year":"2021","unstructured":"Shen, M., Zhang, J., Zhu, L., Ke, X., Xiaojiang, D.: Accurate decentralized application identification via encrypted traffic analysis using graph neural networks. IEEE Trans. Inf. Forensics Secur. 16, 2367\u20132380 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"8_CR15","unstructured":"Qu, J., et al.: An $$\\{$$Input-Agnostic$$\\}$$ hierarchical deep learning framework for traffic fingerprinting. In: 32nd USENIX Security Symposium (USENIX Security 2023), pp. 589\u2013606 (2023)"},{"issue":"4","key":"8_CR16","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MNET.011.1900366","volume":"34","author":"M Shen","year":"2020","unstructured":"Shen, M., Liu, Y., Zhu, L., Ke, X., Xiaojiang, D., Guizani, N.: Optimizing feature selection for efficient encrypted traffic classification: a systematic approach. IEEE Network 34(4), 20\u201327 (2020)","journal-title":"IEEE Network"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Yue, G., Zhai, Y., Shen, M., Jia, J., Zhu, L.: MF-net: encrypted malicious traffic detection based on multi-flow temporal features. In: International Conference on Blockchain and Trustworthy Systems, pp. 58\u201371. Springer, Cham (2023)","DOI":"10.1007\/978-981-99-8104-5_5"},{"key":"8_CR18","doi-asserted-by":"crossref","unstructured":"Liu, X., Shen, M., Cui, L., Ye, K., Jia, J., Yue, G.: Fewfine: few-shot malware traffic classification via transfer learning based on fine-tuning strategy. In: 2022 IEEE Smartworld, Ubiquitous Intelligence & Computing, Scalable Computing & Communications, Digital Twin, Privacy Computing, Metaverse, Autonomous & Trusted Vehicles (SmartWorld\/UIC\/ScalCom\/DigitalTwin\/PriComp\/Meta), pp. 425\u2013432. IEEE (2022)","DOI":"10.1109\/SmartWorld-UIC-ATC-ScalCom-DigitalTwin-PriComp-Metaverse56740.2022.00080"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Cui, S., Dong, C., Shen, M., Liu, Y., Jiang, B., Lu, Z.: CBSeq: a channel-level behavior sequence for encrypted malware traffic detection. IEEE Trans. Inf. Forensics Secur. (2023)","DOI":"10.1109\/TIFS.2023.3300521"},{"key":"8_CR20","doi-asserted-by":"publisher","first-page":"2046","DOI":"10.1109\/TIFS.2020.3046876","volume":"16","author":"M Shen","year":"2021","unstructured":"Shen, M., Liu, Y., Zhu, L., Xiaojiang, D., Jiankun, H.: Fine-grained webpage fingerprinting using only packet length information of encrypted traffic. IEEE Trans. Inf. Forensics Secur. 16, 2046\u20132059 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"8_CR21","unstructured":"Shen, M., Ji, K., Gao, Z., Li, Q., Zhu, L., Xu, K.: Subverting website fingerprinting defenses with robust traffic representation. In: 32nd USENIX Security Symposium (USENIX Security 2023), pp. 607\u2013624, Anaheim, CA. USENIX Association (2023)"},{"issue":"6","key":"8_CR22","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1145\/3065386","volume":"60","author":"A Krizhevsky","year":"2017","unstructured":"Krizhevsky, A., Sutskever, I., Hinton, G.E.: Imagenet classification with deep convolutional neural networks. Commun. ACM 60(6), 84\u201390 (2017)","journal-title":"Commun. ACM"},{"key":"8_CR23","unstructured":"Lin, M., Chen, Q., Yan, S.: Network in network. arXiv preprint arXiv:1312.4400 (2013)"},{"key":"8_CR24","unstructured":"Ioffe, S., Szegedy, C.: Batch normalization: accelerating deep network training by reducing internal covariate shift. In: Proceedings of the 32nd International Conference on Machine Learning, ICML 2015, Lille, France, 6\u201311 July 2015. JMLR Workshop and Conference Proceedings, vol.\u00a037, pp. 448\u2013456. JMLR.org (2015)"},{"key":"8_CR25","unstructured":"Stratosphere. Stratosphere laboratory datasets (2015). https:\/\/www.stratosphereips.org\/datasets-overview. Accessed 13 Mar 2020"},{"key":"8_CR26","doi-asserted-by":"crossref","unstructured":"Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108\u2013116 (2018)","DOI":"10.5220\/0006639801080116"}],"container-title":["Lecture Notes in Computer Science","Algorithms and Architectures for Parallel Processing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-1548-3_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,16]],"date-time":"2025-02-16T09:15:27Z","timestamp":1739697327000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-1548-3_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819615476","9789819615483"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-1548-3_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"17 February 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICA3PP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Algorithms and Architectures for Parallel Processing","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Macau","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 November 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ica3pp2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ica3pp2024.scimeeting.cn\/en\/web\/index\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}