Authors : N. Ragavenderan; Saara Unnathi R; Deepika Dash

Volume/Issue : Volume 10 - 2025, Issue 7 - July

Google Scholar : https://tinyurl.com/4a4der98

DOI : https://doi.org/10.38124/ijisrt/25jul473

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.

Note : Google Scholar may take 30 to 40 days to display the article.

Abstract : Transport Layer Security (TLS) encryption secures internet communications but obscures malicious traffic, compli- cating traditional detection methods. This paper proposes an in- novative framework that integrates blockchain technology, AES- CBC encryption, and machine learning to securely store, enrich, and classify TLS session metadata. Flow- level features, extracted from passive network captures, are encrypted and immutably logged on a private blockchain, ensuring confidentiality and auditability. A decision tree classifier, trained offline on decrypted metadata, achieves 93.2% accuracy, 92.8% precision, and 91.6% recall in distinguishing benign from malicious sessions. The system’s modular architecture supports scalability and lays the foundation for real-time intelligent firewalls. Experimental results on a 10,000- session dataset validate the approach, demonstrating superior performance compared to baseline methods and poten- tial for enterprise-grade deployment.

Keywords : TLS, Blockchain, Machine Learning, Traffic Classification, Cybersecurity, Network Security.

References :

1. J. Anderson et al., “Encrypted traffic classification with machine learn- ing,” IEEE Trans. Netw. Serv. Manage., vol. 15, no. 3, pp. 1234–1245, 2018.
2. Z. Chen et al., “Machine learning in encrypted traffic analysis: A survey,” IEEE Commun. Surv. Tutor., vol. 21, no. 3, pp. 2567–2590, 2019.
3. S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008. [Online]. Available: https://bitcoin .org/bitcoin.pdfZ. Zheng et al., “Blockchain challenges and opportunities: A survey,”
4. Int. J. Web Grid Serv., vol. 14, no. 4, pp. 352–375, 2017.
5. scikit-learn: Machine Learning in Python. [Online]. Available: https:// scikit-learn.org
6. Wireshark TLS Feature Extraction. [Online]. Available: https://www. wireshark.org/docs/ dfref/t/tls.html
7. A. Lotfollahi, M. J. Siavoshani, R. S. H. Zade, and M. Saberian, “Encrypted network traffic analysis and classification utilizing deep learning,” arXiv preprint arXiv:1708.03017, 2017.
8. Z. Durumeric et al., “The HTTPS ecosystem: An analysis of certificate issuance, usage, and validation,” in Proc. ACM Internet Measurement Conf. (IMC), Barcelona, Spain, 2013, pp. 291–304.
9. Z. Li, W. Xu, Y. Fu, and Z. Lin, “BRT: An efficient and scalable blockchain-based revocation transparency system for TLS connections,” in Proc. IEEE INFOCOM, Paris, France, 2019, pp. 2076–2084.
10. L. Wang, Y. Jin, and K. G. Shin, “Encrypted mining traffic detection mechanism based on TLS handshake message and machine learning,” in Proc. IEEE Int. Conf. Commun. (ICC), 2020, pp. 1–6.
11. R. Razavi and F. Alserhani, “Challenges and advances in analyzing TLS 1.3-encrypted traffic: A comprehensive survey,” IEEE Commun. Surv. Tutor., vol. 24, no. 3, pp. 1502–1525, 2022.
12. Joy: A package for capturing and analyzing network flow data. [Online].

Available: https://github.com/cisco/joy

13. W. Wang, M. Zhu, J. Wang, X. Zeng, and Z. Yang, “End-to-end encrypted traffic classification with one-dimensional convolution neural networks,” in Proc. IEEE Int. Conf. Intelligence and Security Informatics (ISI), Beijing, China, Jul. 2017, pp. 43–48.
14. M. Zhang, H. Zhang, B. Zhang, and G. Lu, “Encrypted traffic clas- sification based on an improved clustering algorithm,” in Trustworthy Computing and Services (ISCTCS 2012), Y. Yuan, X. Wu, and Y. Lu, Eds. Berlin, Germany: Springer, 2013, vol. 320.
15. S. Rezaei and X. Liu, “Deep learning for encrypted traffic classification: An overview,” IEEE Commun. Mag., vol. 57, no. 5, pp. 76–81, May 2019.
16. M. Shen et al., “Machine learning-powered encrypted network traffic analysis: A comprehensive survey,” IEEE Commun. Surv. Tutor., vol. 25, no. 2, pp. 791–824, 2023.
17. A. L. Buczak and E. Guven, “A survey of data mining and machine learning methods for cyber security intrusion detection,” IEEE Commun. Surv. Tutor., vol. 18, no. 2, pp. 1153–1176, 2016.
18. G. Fernandes, J. J. Rodrigues, L. F. Carvalho, J. F. Al-Muhtadi, and M. L. Proença, “A comprehensive survey on network anomaly detec- tion,” Telecommun. Syst., vol. 70, no. 3, pp. 447–489, 2019.
19. D. Kwon et al., “A survey of deep learning-based network anomaly detection,” Cluster Comput., vol. 22, no. S1, pp. 949–961, 2019.
20. A. Boukerche and J. Wang, “Machine learning-based traffic prediction models for intelligent transportation systems,” Comput. Netw., vol. 181, p. 107530, Nov. 2020.
21. P. Baldi, “Autoencoders, unsupervised learning, and deep architectures,” in Proc. ICML Workshop Unsupervised and Transfer Learning, Bellevue, WA, USA, Jul. 2011, pp. 37–49.
22. I. A. Alharbi, A. J. Almalki, M. Alyami, C. Zou, and Y. Solihin, “Profiling attack on WiFi-based IoT devices using an eavesdropping of encrypted data frames,” Adv. Sci. Technol. Eng. Syst. J., vol. 7, no. 1, pp. 49–57, 2022.
23. S. Khan, “Towards interoperable blockchains: A survey on the role of smart contracts in blockchain interoperability,” IEEE Access, vol. 9, pp. 116672–116691, 2021.
24. F. Chollet, “Xception: Deep learning with depthwise separable convo- lutions,” in Proc. IEEE Conf. Comput. Vis. Pattern Recognit., Honolulu, HI, USA, Jul. 2017, pp. 1251–1258.
25. S. Shen et al., “Joint differential game and double deep Q-networks for suppressing malware spread in Industrial Internet of Things,” IEEE Trans. Inf. Forensics Secur., vol. 18, pp. 5302–5315, 2023.