Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach
Abstract With the rapid digital transformation of power systems, encrypted communication technologies are increasingly adopted to enhance data privacy and security. However, this trend also creates potential covert channels for malicious traffic, making the detection of encrypted malicious traffic a...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-05-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-02565-z |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850125506202042368 |
|---|---|
| author | Zhifu Wu Xianfu Zhou Xindai Lu Liqiang Yang Siqi Shen Dong Yan |
| author_facet | Zhifu Wu Xianfu Zhou Xindai Lu Liqiang Yang Siqi Shen Dong Yan |
| author_sort | Zhifu Wu |
| collection | DOAJ |
| description | Abstract With the rapid digital transformation of power systems, encrypted communication technologies are increasingly adopted to enhance data privacy and security. However, this trend also creates potential covert channels for malicious traffic, making the detection of encrypted malicious traffic a critical challenge. Current detection methods often struggle to capture both fine-grained semantic interactions during the TLS handshake and global temporal patterns in traffic behavior, particularly in domain-specific contexts like power systems. This paper proposes the Electricity Multi-Granularity Flow Representation Learning (E-MGFlow) approach to address these issues. E-MGFlow integrates field-level and packet-level granularity analyses, leveraging a multi-head attention mechanism and bidirectional LSTM to effectively capture local semantic details and global traffic dynamics. The method is further optimized for power systems by incorporating device state information and bidirectional communication features. Experimental results on the DataCon dataset and a power information interaction dataset demonstrate that E-MGFlow significantly improves detection performance, achieving 93.64% precision and 93.76% recall with a low false positive rate of 6.52%. The approach offers substantial practical value for securing power system networks against sophisticated cyber threats, ensuring timely detection and defense against potential attacks. |
| format | Article |
| id | doaj-art-e785fd1db0ef46ccabb065bc088bd9a1 |
| institution | OA Journals |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-05-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-e785fd1db0ef46ccabb065bc088bd9a12025-08-20T02:34:06ZengNature PortfolioScientific Reports2045-23222025-05-0115111410.1038/s41598-025-02565-zResearch on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approachZhifu Wu0Xianfu Zhou1Xindai Lu2Liqiang Yang3Siqi Shen4Dong Yan5State Grid Corporation of ChinaHuzhou Power Supply Company, State Grid Zhejiang Electric Power Co., Ltd.State Grid Zhejiang Electric Power Co., Ltd.Huzhou Power Supply Company, State Grid Zhejiang Electric Power Co., Ltd.State Grid Zhejiang Electric Power Co., Ltd.Huzhou Power Supply Company, State Grid Zhejiang Electric Power Co., Ltd.Abstract With the rapid digital transformation of power systems, encrypted communication technologies are increasingly adopted to enhance data privacy and security. However, this trend also creates potential covert channels for malicious traffic, making the detection of encrypted malicious traffic a critical challenge. Current detection methods often struggle to capture both fine-grained semantic interactions during the TLS handshake and global temporal patterns in traffic behavior, particularly in domain-specific contexts like power systems. This paper proposes the Electricity Multi-Granularity Flow Representation Learning (E-MGFlow) approach to address these issues. E-MGFlow integrates field-level and packet-level granularity analyses, leveraging a multi-head attention mechanism and bidirectional LSTM to effectively capture local semantic details and global traffic dynamics. The method is further optimized for power systems by incorporating device state information and bidirectional communication features. Experimental results on the DataCon dataset and a power information interaction dataset demonstrate that E-MGFlow significantly improves detection performance, achieving 93.64% precision and 93.76% recall with a low false positive rate of 6.52%. The approach offers substantial practical value for securing power system networks against sophisticated cyber threats, ensuring timely detection and defense against potential attacks.https://doi.org/10.1038/s41598-025-02565-zCrypto malicious traffic detectionMulti-granularity representation learningPower systemsNetwork securityInformation interaction |
| spellingShingle | Zhifu Wu Xianfu Zhou Xindai Lu Liqiang Yang Siqi Shen Dong Yan Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach Scientific Reports Crypto malicious traffic detection Multi-granularity representation learning Power systems Network security Information interaction |
| title | Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach |
| title_full | Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach |
| title_fullStr | Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach |
| title_full_unstemmed | Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach |
| title_short | Research on encrypted malicious traffic detection in power information interaction: application of the electricity multi-granularity flow representation learning approach |
| title_sort | research on encrypted malicious traffic detection in power information interaction application of the electricity multi granularity flow representation learning approach |
| topic | Crypto malicious traffic detection Multi-granularity representation learning Power systems Network security Information interaction |
| url | https://doi.org/10.1038/s41598-025-02565-z |
| work_keys_str_mv | AT zhifuwu researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach AT xianfuzhou researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach AT xindailu researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach AT liqiangyang researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach AT siqishen researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach AT dongyan researchonencryptedmalicioustrafficdetectioninpowerinformationinteractionapplicationoftheelectricitymultigranularityflowrepresentationlearningapproach |