Publication Date

Spring 2018

Degree Type

Master's Project

Degree Name

Master of Science (MS)


Computer Science


In recent years there has been a dramatic increase in the number of malware attacks that use encrypted HTTP traffic for self-propagation and communication. Due to the volume of legitimate encrypted data, encrypted malicious traffic resembles benign traffic. As the malicious traffic is similar to benign traffic, it poses a challenge for antivirus software and firewalls. Since antivirus software and firewalls will not typically have access to encryption keys, detection techniques are needed that do not require decrypting the traffic. In this research, we apply a variety of machine learning techniques to the problem of distinguishing malicious encrypted HTTP traffic from benign encrypted traffic.