{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T13:12:10Z","timestamp":1770815530875,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":24,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,15]],"date-time":"2019-11-15T00:00:00Z","timestamp":1573776000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,15]]},"DOI":"10.1145\/3371676.3371697","type":"proceedings-article","created":{"date-parts":[[2020,1,14]],"date-time":"2020-01-14T04:40:36Z","timestamp":1578976836000},"page":"40-46","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":23,"title":["SSL Malicious Traffic Detection Based On Multi-view Features"],"prefix":"10.1145","author":[{"given":"Rui","family":"Dai","sequence":"first","affiliation":[{"name":"State Key Laboratory of Software Development Environment, Beijing, China"}]},{"given":"Chuan","family":"Gao","sequence":"additional","affiliation":[{"name":"National Computer Network Emergency Response Technical Team, Beijing, China"}]},{"given":"Bo","family":"Lang","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Software Development Environment, Beijing, China"}]},{"given":"Lixia","family":"Yang","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Software Development Environment, Beijing, China"}]},{"given":"Hongyu","family":"Liu","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Software Development Environment, Beijing, China"}]},{"given":"Shaojie","family":"Chen","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Software Development Environment, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2020,1,13]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Sandvine. The Global Internet Phenomena Report. 2018-10.  Sandvine. The Global Internet Phenomena Report. 2018-10."},{"key":"e_1_3_2_1_2_1","unstructured":"Snort. https:\/\/www.snort.org\/.  Snort. https:\/\/www.snort.org\/."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2013.13"},{"key":"e_1_3_2_1_4_1","first-page":"3453","volume-title":"Turin","author":"Zhang C.","year":"2013","unstructured":"H. Zhang , C. Papadopoulos and D. Massey , \" Detecting encrypted botnet traffic,\" 2013 Proceedings IEEE INFOCOM , Turin , 2013 , pp. 3453 -- 1358 . H. Zhang, C. Papadopoulos and D. Massey, \"Detecting encrypted botnet traffic,\" 2013 Proceedings IEEE INFOCOM, Turin, 2013, pp. 3453--1358."},{"key":"e_1_3_2_1_5_1","volume-title":"Demystifying Malware Traffic. (August","author":"Sourabh Saxena","year":"2016","unstructured":"Sourabh Saxena . 2016. Demystifying Malware Traffic. (August 2016 ), 1735--80. Sourabh Saxena. 2016. Demystifying Malware Traffic. (August 2016), 1735--80."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3270101.3270105"},{"key":"e_1_3_2_1_7_1","first-page":"1","volume-title":"Singapore","author":"McGrew B.","year":"2016","unstructured":"D. McGrew and B. Anderson , \" Enhanced telemetry for encrypted threat analytics,\" 2016 IEEE 24th International Conference on Network Protocols (ICNP) , Singapore , 2016 , pp. 1 -- 6 . D. McGrew and B. Anderson, \"Enhanced telemetry for encrypted threat analytics,\" 2016 IEEE 24th International Conference on Network Protocols (ICNP), Singapore, 2016, pp. 1--6."},{"key":"e_1_3_2_1_8_1","volume-title":"Deciphering Malware's use of TLS (without Decryption). Journal of Computer Virology and Hacking Techniques. 10.1007\/s11416--017-0306--6","author":"Anderson","year":"2016","unstructured":"Anderson , Blake & Paul, Subharthi & McGrew, David . ( 2016 ). Deciphering Malware's use of TLS (without Decryption). Journal of Computer Virology and Hacking Techniques. 10.1007\/s11416--017-0306--6 . Anderson, Blake & Paul, Subharthi & McGrew, David. (2016). Deciphering Malware's use of TLS (without Decryption). Journal of Computer Virology and Hacking Techniques. 10.1007\/s11416--017-0306--6."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3097983.3098163"},{"key":"e_1_3_2_1_10_1","volume-title":"An Introduction to Support Vector Machines: And Other Kernel-Based Learning Methods","author":"Nello Cristianini","unstructured":"Nello Cristianini and John Shawe-Taylor. 1999. An Introduction to Support Vector Machines: And Other Kernel-Based Learning Methods . Cambridge University Press, New York, NY , USA. Nello Cristianini and John Shawe-Taylor. 1999. An Introduction to Support Vector Machines: And Other Kernel-Based Learning Methods. Cambridge University Press, New York, NY, USA."},{"key":"e_1_3_2_1_11_1","volume-title":"Classification and regression trees","author":"Breiman","year":"1984","unstructured":"Breiman , Leo; Friedman, J. H., Olshen , R. A. , & Stone , C. J. Classification and regression trees . Monterey, CA : Wadsworth & Brooks\/Cole Advanced Books & Software . 1984 . ISBN 978--0-412--04841-8. Breiman, Leo; Friedman, J. H., Olshen, R. A., & Stone, C. J. Classification and regression trees. Monterey, CA: Wadsworth & Brooks\/Cole Advanced Books & Software. 1984. ISBN 978--0-412--04841-8."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Breiman L. Random Forests. Machine Learning (2001) 45:  5.  Breiman L. Random Forests. Machine Learning (2001) 45: 5.","DOI":"10.1023\/A:1010933404324"},{"key":"e_1_3_2_1_13_1","volume-title":"Fingerprint recognition based on SSL traffic. Information security and technology","author":"DiXin Su","year":"2015","unstructured":"DiXin Su , Yong Shi, Zhi Xue . Fingerprint recognition based on SSL traffic. Information security and technology , 2015 , (11):58--60, 66. DiXin Su, Yong Shi, Zhi Xue. Fingerprint recognition based on SSL traffic. Information security and technology, 2015, (11):58--60, 66."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Nigel Williams Sebastian Zander and Grenville Armitage.2006. A Preliminary Performance Comparison of Five Machine Learning Algorithms for Practical IP Traffic Flow Classification. SIGCOMM Computer Communication Review 36 5(2006) 5--16.  Nigel Williams Sebastian Zander and Grenville Armitage.2006. A Preliminary Performance Comparison of Five Machine Learning Algorithms for Practical IP Traffic Flow Classification. SIGCOMM Computer Communication Review 36 5(2006) 5--16.","DOI":"10.1145\/1163593.1163596"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2996758.2996768"},{"key":"e_1_3_2_1_16_1","unstructured":"Zeek. https:\/\/www.zeek.org\/.  Zeek. https:\/\/www.zeek.org\/."},{"key":"e_1_3_2_1_17_1","unstructured":"CTU Malware Dataset. https:\/\/www.stratosphereips.org\/datasets-malware.  CTU Malware Dataset. https:\/\/www.stratosphereips.org\/datasets-malware."},{"key":"e_1_3_2_1_18_1","unstructured":"Malware Capture Facility Project. https:\/\/mcfp.weebly.com\/.  Malware Capture Facility Project. https:\/\/mcfp.weebly.com\/."},{"key":"e_1_3_2_1_19_1","unstructured":"Virustotal. https:\/\/www.virustotal.com\/  Virustotal. https:\/\/www.virustotal.com\/"},{"key":"e_1_3_2_1_20_1","volume-title":"Detection of HTTPS Malware Traffic","author":"Strasak Frantisek","year":"2017","unstructured":"Strasak Frantisek . 2017. Detection of HTTPS Malware Traffic . Czech Technical University in Prague, Computing and Information Centre , 2017 --05-25. Strasak Frantisek. 2017. Detection of HTTPS Malware Traffic. Czech Technical University in Prague, Computing and Information Centre, 2017--05-25."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13635-016-0030-7"},{"key":"e_1_3_2_1_22_1","volume-title":"ICCS","author":"Cui M.","year":"2018","unstructured":"Cui M. , Cao Z. , Xiong G. ( 2018 ) How Is the Forged Certificates in the Wild: Practice on Large-Scale SSL Usage Measurement and Analysis. In: Shi Y. et al. (eds) Computational Science - ICCS 2018 . ICCS 2018. Lecture Notes in Computer Science, vol 10862. Springer, Cham. Cui M., Cao Z., Xiong G. (2018) How Is the Forged Certificates in the Wild: Practice on Large-Scale SSL Usage Measurement and Analysis. In: Shi Y. et al. (eds) Computational Science - ICCS 2018. ICCS 2018. Lecture Notes in Computer Science, vol 10862. Springer, Cham."},{"key":"e_1_3_2_1_23_1","volume-title":"Accessed","author":"Transparency Certificate","year":"2017","unstructured":"Transparency Certificate : Certificate Transparency - Known Logs. https:\/\/www.certificate-transparency.org\/known-logs , Accessed 23 July 2017 . Transparency Certificate: Certificate Transparency - Known Logs. https:\/\/www.certificate-transparency.org\/known-logs, Accessed 23 July 2017."},{"key":"e_1_3_2_1_24_1","volume-title":"MUE","author":"Yoon J.","year":"2017","unstructured":"Yoon J. , Shin K. , Won Y. ( 2017 ) Encrypted Network Traffic Analysis Method via Secure Socket Layer Handshake Control. In: Park J., Chen SC., Raymond Choo KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech 2017 , MUE 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore. Yoon J., Shin K., Won Y. (2017) Encrypted Network Traffic Analysis Method via Secure Socket Layer Handshake Control. In: Park J., Chen SC., Raymond Choo KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech 2017, MUE 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore."}],"event":{"name":"ICCNS 2019: 2019 the 9th International Conference on Communication and Network Security","location":"Chongqing China","acronym":"ICCNS 2019","sponsor":["University of Tokyo","Chongqing University of Posts and Telecommunications"]},"container-title":["Proceedings of the 2019 9th International Conference on Communication and Network Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3371676.3371697","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3371676.3371697","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:44:23Z","timestamp":1750203863000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3371676.3371697"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,15]]},"references-count":24,"alternative-id":["10.1145\/3371676.3371697","10.1145\/3371676"],"URL":"https:\/\/doi.org\/10.1145\/3371676.3371697","relation":{},"subject":[],"published":{"date-parts":[[2019,11,15]]},"assertion":[{"value":"2020-01-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}