{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,6]],"date-time":"2026-01-06T13:36:14Z","timestamp":1767706574790,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,10,21]],"date-time":"2024-10-21T00:00:00Z","timestamp":1729468800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,10,21]]},"DOI":"10.1145\/3627673.3679839","type":"proceedings-article","created":{"date-parts":[[2024,10,20]],"date-time":"2024-10-20T19:34:11Z","timestamp":1729452851000},"page":"2910-2919","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["TrafCL: Robust Encrypted Malicious Traffic Detection via Contrastive Learning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4998-7822","authenticated-orcid":false,"given":"Xiaodu","family":"Yang","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences & School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4520-7174","authenticated-orcid":false,"given":"Sijie","family":"Ruan","sequence":"additional","affiliation":[{"name":"School of Computer Science and Technology, Beijing Institute of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-5144-7287","authenticated-orcid":false,"given":"Jinyu","family":"Li","sequence":"additional","affiliation":[{"name":"School of Computer Science and Technology, Beijing Institute of Technology, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8417-2234","authenticated-orcid":false,"given":"Yinliang","family":"Yue","sequence":"additional","affiliation":[{"name":"Zhongguancun Laboratory, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-9648-7720","authenticated-orcid":false,"given":"Bo","family":"Sun","sequence":"additional","affiliation":[{"name":"National Computer Network Emergency Response Technical Team, Beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2024,10,21]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616639"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCC47284.2019.8969728"},{"key":"e_1_3_2_1_3_1","volume-title":"International conference on machine learning. PMLR, 1597--1607","author":"Chen Ting","year":"2020","unstructured":"Ting Chen, Simon Kornblith, Mohammad Norouzi, and Geoffrey Hinton. 2020. A simple framework for contrastive learning of visual representations. In International conference on machine learning. PMLR, 1597--1607."},{"key":"e_1_3_2_1_4_1","unstructured":"Cisco. 2021. Cisco Encrypted Traffic Analytics White Paper. https:\/\/www.cisco.com\/c\/en\/us\/solutions\/collateral\/enterprise-networks\/enterprise-network-security\/nb-09-encrytd-traf-anlytcs-wp-cte-en.html."},{"key":"e_1_3_2_1_5_1","volume-title":"Electra: Pre-training text encoders as discriminators rather than generators. arXiv preprint arXiv:2003.10555","author":"Clark Kevin","year":"2020","unstructured":"Kevin Clark, Minh-Thang Luong, Quoc V Le, and Christopher D Manning. 2020. Electra: Pre-training text encoders as discriminators rather than generators. arXiv preprint arXiv:2003.10555 (2020)."},{"key":"e_1_3_2_1_6_1","volume-title":"GLADS: A Global-Local Attention Data Selection Model for Multimodal Multitask Encrypted Traffic Classification of IoT. Computer Networks","author":"Dai Jianbang","year":"2023","unstructured":"Jianbang Dai, Xiaolong Xu, and Fu Xiao. 2023. GLADS: A Global-Local Attention Data Selection Model for Multimodal Multitask Encrypted Traffic Classification of IoT. Computer Networks (2023), 109652."},{"key":"e_1_3_2_1_7_1","unstructured":"Darktrace. 2023. A Surge of Vidar: Network-based details of a prolific info-stealer. https:\/\/darktrace.com\/blog\/a-surge-of-vidar-network-based-details-of-a-prolific-info-stealer."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2023.109614"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3071595"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5220\/0005740704070414"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3545948.3545983"},{"key":"e_1_3_2_1_12_1","volume-title":"Report: Full-Spectrum Cobalt Strike Detection. https:\/\/go.recordedfuture.com\/hubfs\/reports\/mtp-2021-0914.pdf.","author":"Future Recorded","year":"2021","unstructured":"Recorded Future. 2021. Report: Full-Spectrum Cobalt Strike Detection. https:\/\/go.recordedfuture.com\/hubfs\/reports\/mtp-2021-0914.pdf."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2021.emnlp-main.552"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2021.acl-long.72"},{"key":"e_1_3_2_1_15_1","unstructured":"Google. 2024. Google Transparency Report: HTTPS encryption on the web. https:\/\/transparencyreport.google.com\/https\/overview."},{"key":"e_1_3_2_1_16_1","unstructured":"Group-IB. 2023. Cyber threats wrapped: rampant ransomware inglorious initial access brokers sneaky stealers top threat trends to watch. https:\/\/www.group-ib.com\/media-center\/press-releases\/hi-tech-crime-trends-2022--2023\/."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.00975"},{"volume-title":"Cobalt Strike: Malleable Command and Control. https:\/\/trial.cobaltstrike.com\/help-malleable-c2.","year":"2022","key":"e_1_3_2_1_18_1","unstructured":"HelpSystems. 2022. Cobalt Strike: Malleable Command and Control. https:\/\/trial.cobaltstrike.com\/help-malleable-c2."},{"volume-title":"Cobalt Strike: HTTP Beacon and HTTPS Beacon. https:\/\/hstechdocs.helpsystems.com\/manuals\/cobaltstrike.","year":"2023","key":"e_1_3_2_1_19_1","unstructured":"HelpSystems. 2023. Cobalt Strike: HTTP Beacon and HTTPS Beacon. https:\/\/hstechdocs.helpsystems.com\/manuals\/cobaltstrike."},{"key":"e_1_3_2_1_20_1","unstructured":"Internet Engineering Task Force (IETF). 2008. RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2. https:\/\/www.rfc-editor.org\/rfc\/rfc5246."},{"key":"e_1_3_2_1_21_1","volume-title":"Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980","author":"Kingma Diederik P","year":"2014","unstructured":"Diederik P Kingma and Jimmy Ba. 2014. Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.107974"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108658"},{"key":"e_1_3_2_1_24_1","volume-title":"A Novel Multimodal Deep Learning Framework for Encrypted Traffic Classification","author":"Lin Peng","year":"2022","unstructured":"Peng Lin, Kejiang Ye, Yishen Hu, Yanying Lin, and Cheng-Zhong Xu. 2022. A Novel Multimodal Deep Learning Framework for Encrypted Traffic Classification. IEEE\/ACM Transactions on Networking (2022)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512217"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2019.8737507"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103175"},{"key":"e_1_3_2_1_28_1","volume-title":"Chris Navarrete and Siddhart Shibiraj","author":"Yanhui Jia Yu Fu Durgesh Sangvikar","year":"2023","unstructured":"Durgesh Sangvikar Yanhui Jia Yu Fu Matthew Tennis, Chris Navarrete and Siddhart Shibiraj. 2023. Cobalt Strike Attack Detection & Defense Technology Overview. https:\/\/live.paloaltonetworks.com\/t5\/blogs\/cobalt-strike-attack-detection-amp-defense-technology-overview\/ba-p\/533753."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3534678.3539085"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/DASC-PICom-CBDCom-CyberSciTech49142.2020.00026"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2022.04.018"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3411508.3421379"},{"key":"e_1_3_2_1_33_1","unstructured":"Computer Emergency Response Team of Ukraine. 2022. Cyberattack on state organizations of Ukraine using the Formbook\/XLoader malware (CERT-UA#4125). https:\/\/cert.gov.ua\/article\/37688."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3050608"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243768"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2737970"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24412"},{"key":"e_1_3_2_1_38_1","volume-title":"\u0141 ukasz Kaiser, and Illia Polosukhin","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, \u0141 ukasz Kaiser, and Illia Polosukhin. 2017. Attention is All you Need. In Advances in Neural Information Processing Systems, I. Guyon, U. Von Luxburg, S. Bengio, H. Wallach, R. Fergus, S. Vishwanathan, and R. Garnett (Eds.), Vol. 30. Curran Associates, Inc."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICOIN.2017.7899588"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2018.00393"},{"key":"e_1_3_2_1_41_1","volume-title":"Rosetta: Enabling Robust TLS Encrypted Traffic Classification in Diverse Network Environments with TCP-Aware Traffic Augmentation. In 32nd USENIX Security Symposium (USENIX Security 23)","author":"Xie Renjie","year":"2023","unstructured":"Renjie Xie, Jiahao Cao, Enhuan Dong, Mingwei Xu, Kun Sun, Qi Li, Licheng Shen, and Menghao Zhang. 2023. Rosetta: Enabling Robust TLS Encrypted Traffic Classification in Diverse Network Environments with TCP-Aware Traffic Augmentation. In 32nd USENIX Security Symposium (USENIX Security 23). USENIX Association, Anaheim, CA, 625--642."},{"key":"e_1_3_2_1_42_1","volume-title":"TrafficGCN: Mobile Application Encrypted Traffic Classification Based on GCN. In GLOBECOM 2022--2022 IEEE Global Communications Conference. IEEE, 891--896","author":"Xu Hongbo","year":"2022","unstructured":"Hongbo Xu, Shuhao Li, Zhenyu Cheng, Rui Qin, Jiang Xie, and Peishuai Sun. 2022. TrafficGCN: Mobile Application Encrypted Traffic Classification Based on GCN. In GLOBECOM 2022--2022 IEEE Global Communications Conference. IEEE, 891--896."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2023.110120"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3183390"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3543507.3583227"}],"event":{"name":"CIKM '24: The 33rd ACM International Conference on Information and Knowledge Management","sponsor":["SIGIR ACM Special Interest Group on Information Retrieval"],"location":"Boise ID USA","acronym":"CIKM '24"},"container-title":["Proceedings of the 33rd ACM International Conference on Information and Knowledge Management"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627673.3679839","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3627673.3679839","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:58:07Z","timestamp":1750294687000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627673.3679839"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,21]]},"references-count":45,"alternative-id":["10.1145\/3627673.3679839","10.1145\/3627673"],"URL":"https:\/\/doi.org\/10.1145\/3627673.3679839","relation":{},"subject":[],"published":{"date-parts":[[2024,10,21]]},"assertion":[{"value":"2024-10-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}