Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
TB-Graph: Enhancing Encrypted Malicious Traffic Classification through Relational Graph Attention Networks
School of Cyber Science and Technology, Information Engineering University, Zhengzhou, 450001, China
* Corresponding Author: Shengli Liu. Email:
Computers, Materials & Continua 2025, 82(2), 2985-3004. https://doi.org/10.32604/cmc.2024.059417
Received 07 October 2024; Accepted 26 November 2024; Issue published 17 February 2025
View Full Text
Download PDFAbstract
The proliferation of internet traffic encryption has become a double-edged sword. While it significantly enhances user privacy, it also inadvertently shields cyber-attacks from detection, presenting a formidable challenge to cybersecurity. Traditional machine learning and deep learning techniques often fall short in identifying encrypted malicious traffic due to their inability to fully extract and utilize the implicit relational and positional information embedded within data packets. This limitation has led to an unresolved challenge in the cybersecurity community: how to effectively extract valuable insights from the complex patterns of traffic packet transmission. Consequently, this paper introduces the TB-Graph model, an encrypted malicious traffic classification model based on a relational graph attention network. The model is a heterogeneous traffic burst graph that embeds side-channel features, which are unaffected by encryption, into the graph nodes and connects them with three different types of burst edges. Subsequently, we design a relational positional coding that prevents the loss of temporal relationships between the original traffic flows during graph transformation. Ultimately, TB-Graph leverages the powerful graph representation learning capabilities of Relational Graph Attention Network (RGAT) to extract latent behavioral features from the burst graph nodes and edge relationships. Experimental results show that TB-Graph outperforms various state-of-the-art methods in fine-grained encrypted malicious traffic classification tasks on two public datasets, indicating its enhanced capability for identifying encrypted malicious traffic.Keywords
Encrypted malicious traffic classification; traffic burst graph; graph representation learning; deep learning
Cite This Article
APA Style
Liu, M., Yang, Q., Wang, W., Liu, S. (2025). Tb-graph: enhancing encrypted malicious traffic classification through relational graph attention networks. Computers, Materials & Continua, 82(2), 2985–3004. https://doi.org/10.32604/cmc.2024.059417
Vancouver Style
Liu M, Yang Q, Wang W, Liu S. Tb-graph: enhancing encrypted malicious traffic classification through relational graph attention networks. Comput Mater Contin. 2025;82(2):2985–3004. https://doi.org/10.32604/cmc.2024.059417
IEEE Style
M. Liu, Q. Yang, W. Wang, and S. Liu, “TB-Graph: Enhancing Encrypted Malicious Traffic Classification through Relational Graph Attention Networks,” Comput. Mater. Contin., vol. 82, no. 2, pp. 2985–3004, 2025. https://doi.org/10.32604/cmc.2024.059417
Copyright © 2025 The Author(s). Published by Tech Science Press.This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
