Cryptographic malicious traffic detection method, system and computer readable storage medium

CN121690867BActive Publication Date: 2026-06-09SHENZHEN Y& D ELECTRONICS CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHENZHEN Y& D ELECTRONICS CO LTD
Filing Date
2026-02-11
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

Existing methods for detecting encrypted malicious traffic based on deep learning suffer from problems such as limited feature extraction dimensions, neglect of frequency domain information, weak temporal modeling mechanisms, and difficulty in effectively integrating time domain and frequency domain features.

Method used

A time-frequency energy distribution map and frequency band energy sequence are extracted from the packet length sequence using continuous wavelet transform. A time-frequency enhancement detection model is constructed by combining a time-domain temporal convolutional network with an extended causal convolutional structure and time-frequency attention and frequency band rescaling attention modules, and then performing feature fusion and classification.

Benefits of technology

It significantly improves the accuracy of encrypted malicious traffic detection, can more comprehensively capture malicious behavior patterns, and enhances feature representation capabilities and detection effectiveness.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121690867B_ABST
    Figure CN121690867B_ABST
Patent Text Reader

Abstract

The application discloses a kind of encrypted malicious traffic detection method, system and computer readable storage medium, belong to traffic detection technical field.The encrypted malicious traffic detection method obtains original network traffic data, constructs packet length sequence and packet arrival time interval sequence, to form original time sequence matrix.Extract time-frequency energy distribution diagram and band energy sequence from packet length sequence by continuous wavelet transform.Time-domain time sequence convolution network based on expansion causal convolution structure is used to extract time-domain feature vector from original time sequence matrix.Time-frequency attention and band rescaling attention module are used to extract frequency domain feature vector from time-frequency energy distribution diagram and band energy sequence.Malicious traffic binary classification and malicious traffic behavior type multi-classification processing are carried out on time-frequency aggregated feature vector by hierarchical classifier, and the classification result is output.The scheme realizes the malicious traffic representation ability of time-frequency feature deep fusion, and improves the detection precision of encrypted malicious traffic.
Need to check novelty before this filing date? Find Prior Art