中圖分類號：TP181/TP393.0 文獻標志碼：A DOI: 10.16157/j.issn.0258-7998.245979
中文引用格式： 田睿，張雅勤，董偉，等. 機器學習在惡意加密流量檢測中的應用及研究[J]. 電子技術應用，2025，51(4)：1-11.
英文引用格式： Tian Rui，Zhang Yaqin，Dong Wei，et al. The application and research of machine learning in malicious encrypted traffic detection[J]. Application of Electronic Technique，2025，51(4)：1-11.

The application and research of machine learning in malicious encrypted traffic detection

Abstract： With the widespread use of encrypted communication, malicious attackers increasingly exploit encrypted traffic to conceal their activities, posing challenges to traditional signature-based and rule-based detection methods. Machine learning provides a novel solution for detecting malicious encrypted traffic. This paper reviews the applications of supervised learning, unsupervised learning, deep learning, and ensemble learning in this domain. Supervised learning identifies known attacks using labeled data, while unsupervised learning uncovers new attack patterns in unlabeled data. Deep learning enhances feature extraction capabilities in large-scale data environments, and ensemble learning strengthens system robustness through model fusion. The findings indicate that machine learning significantly improves the accuracy of malicious behavior detection, particularly in complex feature extraction and the identification of new attack patterns.

Key words : encrypted traffic recognition；machine learning；encrypted traffic；malicious behavior detection；ensemble learning