ORIGINAL RESEARCH article

Front. Comput. Sci.

Sec. Computer Security

Volume 7 - 2025 | doi: 10.3389/fcomp.2025.1518128

This article is part of the Research TopicCyber Security Prevention, Defenses Driven by AI, and Mathematical Modelling and Simulation ToolsView all 6 articles

Obfuscated Malicious Traffic Detection Based on Data Enhancement

Provisionally accepted
Ke YeKe YeTao ZengTao ZengYubing DuanYubing DuanJun HanJun HanGuoxin ZhongGuoxin ZhongZhi ChenZhi ChenYulong WangYulong Wang*
  • Chinese Academy of Engineering, Beijing, China

The final, formatted version of the article will be published soon.

Select one of your emails

You have multiple emails registered with Frontiers:

Notify me on publication

Please enter your email address:

If you already have an account, please login

You don't have a Frontiers account ? You can register here

As the proportion of encrypted traffic increases, it becomes a challenge for network attacks to be discovered. Although existing methods combine unencrypted statistical features, e.g., average packet length, with machine learning algorithms to achieve encrypted malicious traffic detection, it is difficult to escape the influence of artificially forged noise, e.g., adding dummy packets. In this paper, we propose a novel encrypted malicious traffic detection methods named RobustDetector (RD) for obfuscated malicious traffic detection. The core of the proposed method is to use the dropout mechanism to simulate the process of original features being disturbed. Through introducing noise during the training phase, the robustness of the model is improved. To validate the effectiveness of RobustDetector, we conducted extensive experiments using public datasets.Our results demonstrate that RobustDetector achieves an average accuracy of 93.16% even when random noise is introduced to the original traffic with a probability of 50%. This performance underscores the potential of our proposed method in addressing the challenges of obfuscated malicious traffic detecion.

Keywords: Network anomaly detection, Obfuscated malicious traffic detection, Encrypted traffic classification, network attack and defense, deep learning

Received: 28 Oct 2024; Accepted: 18 Jun 2025.

Copyright: © 2025 Ye, Zeng, Duan, Han, Zhong, Chen and Wang. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) or licensor are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.

* Correspondence: Yulong Wang, Chinese Academy of Engineering, Beijing, 100088, China

Disclaimer: All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article or claim that may be made by its manufacturer is not guaranteed or endorsed by the publisher.

Supplementary Material