熊刚，男，中国科学院信息工程研究所二级研究员，研究室主任，所学术委员会委员，中国科学院大学网络空间安全学院教授，博士生导师。主要研究领域为网络测量与行为分析、信息对抗理论与技术、网络取证技术、海量数据挖掘与分析等。近年来，作为项目负责人承担十四五科技部“网络空间安全治理”重点研发计划、十三五国家前沿科技创新专项。作为课题负责人承担国家科技支撑计划、国家信息安全计划课题20余项，参与973、863、中科院先导专项等多项课题。

主持研发了多个重大信息安全平台和系统，在线成功应用，效果显著。 获2013年国家科技进步二等奖（排名3）、2025年部级科学技术一等奖（排名2）、2024年部级技术发明一等奖（排名2）、2023年新疆科技进步一等奖（排名4）；获2017年度、2012年度中科院信工所重大科技进展奖（排名1）。2018年获评中国科学院“新时代科技报国”优秀共产党员。

在USENIX Security、INFOCOM、CIKM、计算机学报、CCS、RAID、IWQos、ChinaCommunications等国内外重要会议期刊发表论文110余篇；获SecureComm 2020、Networking 2021的BEST PAPER；申请专利16项，参与制定标准9项。培养指导博士生、硕士生40余人。牵头主讲的《网络行为学导论》获评中国科学院大学2021年校级研究生优秀课程。2022年获评中国科学院朱李月华优秀教师奖。

   

083900-网络空间安全
081202-计算机软件与理论
081201-计算机系统结构

网络测量与行为分析，数据挖掘与人工智能对抗
数据挖掘与人工智能对抗
网络测量与行为分析

   

2012-01~现在, 中国科学院信息工程研究所, 群组组长；副主任；主任；博士生导师；研究员；中国科学院大学岗位教授
2002-08~2011-12,中国科学院计算技术研究所, 技术百星；课题组长；硕士生导师

2019-12-06-2024-09-29,中国通信学会第三届通信安全技术委员会, 委员

网络行为学导论
网络测量与行为分析

2023-02至2023-05 网络行为学导论 40学时 硕士生、直博生

2022-09至2022-11 网络测量与行为分析 40学时 博士生

2022-03至2022-06 网络行为学导论 40学时 硕士生、直博生

2021-09至2021-12 网络测量与行为分析 40学时 博士生

2021-03至2021-06 网络行为学导论 40学时 硕士生、直博生

2020-09至2020-12 网络测量与行为分析 40学时 博士生

2020-03至2020-06 网络行为学导论 40学时 硕士生、直博生

2019-09至2019-11 网络测量与行为分析 40学时 博士生

2019-03至2019-06 网络行为学导论 40学时 硕士生、直博生

2018-09至2018-12 网络测量与行为分析 40学时 博士生

2017-09至2017-12 网络测量与行为分析 40学时 博士生

2017-02至2017-05 网络测量与行为分析 40学时 博士生

2015-09至2016-01 网络测量与行为分析 40学时 博士生

2015-03至2015-06 网络测量与行为分析 40学时 博士生

   

（1） 智能数据分析系统研制及应用, 一等奖, 部委级, 2025
（2） 行为协同研判与推理预测技术, 一等奖, 部委级, 2024
（3） 行为智能感知关键技术及应用, 一等奖, 省级, 2023
（4） 网络行为分析关键技术及重大应用, 一等奖, 研究所（学校）, 2017
（5） 网络行为分析平台及关键技术, 二等奖, 国家级, 2013
（6） 网络测量与行为分析, 一等奖, 研究所（学校）, 2012

   

（1） Exploring the Potential and Boundaries of KAN in Encrypted Traffic Classification, International Joint Conference on Neural Networks, 2025, 第 5 作者
（2） ANASETC: Automatic Neural Architecture Search for Encrypted Traffic Classification, ICASSP 2025 - 2025 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), 2025, 第 4 作者
（3） MalSE: Malware Detection Based on Multi-Dimensional API Call Sensitivity Estimation, International Joint Conference on Neural Networks, 2025, 第 4 作者
（4） HoleMal: A lightweight IoT malware detection framework based on efficient host-level traffic processing, Computers & Security, 2025, 第 4 作者
（5） Respond to Change with Constancy: Instruction-tuning with LLM for Non-I.I.D. Network Traffic Classification, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2025, 第 2 作者
（6） Deep learning and pre-training technology for encrypted traffic classification: A comprehensive review, NEUROCOMPUTING, 2025, 第 5 作者  通讯作者
（7） DomEye: Detecting network covert channel of domain fronting with throughput fluctuation, Computers & Security, 2024, 第 3 作者
（8） Let gambling hide nowhere: Detecting illegal mobile gambling apps via heterogeneous graph-based encrypted traffic analysis, COMPUTER NETWORKS, 2024, 第 7 作者
（9） CETP: A novel semi-supervised framework based on contrastive pre-training for imbalanced encrypted traffic classification, COMPUTERS & SECURITY, 2024, 第 8 作者  通讯作者
（10） 序言：网络公害治理技术与应用, Preface:Technology and Application of Network Public Nuisance Management, 集成技术, 2024, 第 1 作者
（11） Identifying malicious traffic under concept drift based on intraclass consistency enhanced variational autoencoder, Identifying malicious traffic under concept drift based on intraclass consistency enhanced variational autoencoder, SCIENCE CHINA-INFORMATION SCIENCES, 2024, 第 4 作者  通讯作者
（12） Traffic spills the beans: A robust video identification attack against YouTube, COMPUTERS & SECURITY, 2024, 第 2 作者
（13） RecoSelector: Cost-Sensitive Feature Selection for Network Intrusion Detection in Resource-Constrained Internet of Things, 2024 IEEE International Performance, Computing, and Communications Conference (IPCCC), 2024, 第 4 作者
（14） Incremental encrypted traffic classification via contrastive prototype networks, COMPUTER NETWORKS, 2024, 第 5 作者
（15） FA-Net: More Accurate Encrypted Network Traffic Classification Based on Burst with Self-Attention, 2023 International Joint Conference on Neural Networks (IJCNN), 2023, 第 6 作者
（16） Zero-relabelling mobile-app identification over drifted encrypted network traffic, COMPUTER NETWORKS, 2023, 第 5 作者
（17） FlowTracker: Improved flow correlation attacks with denoising and contrastive learning, COMPUTERS & SECURITY, 2023, 第 3 作者
（18） The Potential Utility of Image Descriptions: User Identity Linkage across Social Networks Based on MultiModal Self-Attention Fusion, 2023 IEEE International Performance, Computing, and Communications Conference (IPCCC), 2023, 第 3 作者
（19） FedMP: Robust and Communication-Efficient Federated Multi-Prototype Intrusion Detection Framework in IoT, 2023 IEEE 29th International Conference on Parallel and Distributed Systems (ICPADS), 2023, 第 5 作者
（20） Multi-Feature Fusion Based Approach for Classifying Encrypted Mobile Application Traffic, CSCWD 2023, 2023, 第 6 作者
（21） BoAu: Malicious traffic detection with noise labels based on boundary augmentation, COMPUTERS & SECURITY, 2023, 第 5 作者
（22） ULDC: Unsupervised Learning-Based Data Cleaning for Malicious Traffic With High Noise, COMPUTER JOURNAL, 2023, 第 3 作者
（23） MENDER: Multi-level Feature Fusion Discovery Framework for Exposed ICS Remote Management Devices in the Wild, 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2023, 第 5 作者
（24） 基于黑盒测试框架的深度学习模型版权保护方法, Copyright protection for deep learning models utilizing a black-box testing framework, 网络安全与数据治理, 2023, 第 3 作者
（25） Covertness Analysis of Snowflake Proxy Request, 2023 26th International Conference on Computer Supported Cooperative Work in Design (CSCWD), 2023, 第 3 作者
（26） Analysing Covertness of Tor Bridge Request, ICC 2023-IEEE International Conference on Communications, 2023, 第 3 作者
（27） MCFM:Discover Sensitive Behavior from Encrypted Traffic in Industrial Control System, IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2022, 第 4 作者
（28） A Two-stage Method for Fine-grained DNS Covert Tunnel Behavior Detection, International Conference on Science of Cyber Security, 2022, 第 5 作者
（29） TTAGN: Temporal Transaction Aggregation Graph Network for Ethereum Phishing Scams Detection, 2022, 第 6 作者
（30） Shoot Before You Escape: Dynamic Behavior Monitor of Bitcoin Users via Bi-Temporal Network Analytics, Australasian Conference on Information Security and Privacy, 2022, 第 5 作者
（31） Privacy protection of China's top websites: A Multi-layer privacy measurement via network behaviours and privacy policies, COMPUTERS & SECURITY, 2022, 第 4 作者
（32） GALG:Linking Addresses in Tracking Ecosystem Using Graph Autoencoder with Link Generation, The European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases, 2022, 第 2 作者
（33） ET-BERT: A Contextualized Datagram Representation with Pre-training Transformers for Encrypted Traffic Classification, WWW, 2022, 第 2 作者
（34） FlowTracker: Improved flow correlation attacks with denoising and contrastive learning, Computers & Security, 2022, 第 3 作者
（35） Accurate mobile-app fingerprinting using flow-level relationship with graph neural networks, COMPUTER NETWORKS, 2022, 第 6 作者
（36） TMT-RF: Tunnel Mixed Traffic Classification Based on Random Forest, Security and Privacy in Communication Networks: 17th EAI International Conference, SecureComm 2021, 2021, 第 6 作者  通讯作者
（37） BAPM:Block Attention Profiling Model for Multi tab Website Fingerprinting Attacks on Tor, Proceedings of the 37th Annual Computer Security Applications Conference, 2021, 第 2 作者
（38） Illuminate the Shadow: A Comprehensive Study of TLS Client Certificate Ecosystem in the Wild, 2021 28th International Conference on Telecommunications (ICT), 2021, 第 7 作者
（39） Towards Multi-source Extension: A Multi-classification Method Based on Sampled NetFlow Records, TrustCom 2021, 2021, 第 7 作者
（40） Let Imbalance Have Nowhere to Hide: Class-Sensitive Feature Extraction for Imbalanced Traffic Classification, 2021 International Joint Conference on Neural Networks (IJCNN), 2021, 第 3 作者
（41） A Study on Security Analysis of the Unlinkability in Tor, MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM), 2021, 第 5 作者
（42） EthSniffer: A Global Passive Perspective on Ethereum, International Conference on Blockchain and Trustworthy Systems, 2021, 第 4 作者
（43） Old Habits Die Hard: A Sober Look at TLS Client Certificates in the Real World, 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2021, 第 4 作者
（44） Robust node embedding against graph structural perturbations, INFORMATION SCIENCES, 2021, 第 5 作者
（45） Classifying encrypted traffic using adaptive fingerprints with multi-level attributes, WORLD WIDE WEB-INTERNET AND WEB INFORMATION SYSTEMS, 2021, 第 2 作者
（46） Survey of security supervision on blockchain from the perspective of technology, JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2021, 第 6 作者  通讯作者
（47） Mining the Characteristics of the Ethereum P2P Network, BSCI '20: Proceedings of the 2nd ACM International Symposium on Blockchain and Secure Critical Infrastructure, 2020, 第 6 作者
（48） NSA-Net: A NetFlow Sequence Attention Network for Virtual Private Network Traffic Detection, WISE 2020, 2020, 第 6 作者
（49） DLchain: A Covert Channel over Blockchain Based on Dynamic Labels, INFORMATION AND COMMUNICATIONS SECURITY (ICICS 2019), 2020, 第 5 作者
（50） An Quick Available-Bandwidth Measurement Method Based on Link Delay Growth Rate, ICCBN 2020: 2020 8TH INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND BROADBAND NETWORKING / ICCET 2020: 2020 3RD INTERNATIONAL CONFERENCE ON COMMUNICATION ENGINEERING AND TECHNOLOGY, 2020, 第 4 作者
（51） Joint Analysis of Port and Protocol via Endpoint Measurement: An Empirical Study, APNOMS 2020: 2020 21ST ASIA-PACIFIC NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (APNOMS), 2020, 第 3 作者  通讯作者
（52） A Survey of Key Technologies for Constructing Network Covert Channel, SECURITY AND COMMUNICATION NETWORKS, 2020, 第 2 作者
（53） FLAGB: Focal Loss based Adaptive Gradient Boosting for Imbalanced Traffic Classification, 2020 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2020, 第 4 作者
（54） WF-GAN: Fighting Back Against Website Fingerprinting Attack Using Adversarial Learning, 2020 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2020, 第 5 作者  通讯作者
（55） Identify OS from encrypted traffic with TCP/IP stack fingerprinting, 2019 IEEE 38TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2019, 第 5 作者
（56） I Know What You Are Doing With Remote Desktop, 2019 IEEE 38TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2019, 第 4 作者
（57） Malicious Domain Detection via Domain Relationship and Graph Models, 2019 IEEE 38TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2019, 第 6 作者
（58） An Overview of Blockchain Security Analysis, CYBER SECURITY, CNCERT 2018, 2019, 第 5 作者  通讯作者
（59） FS-Net: A How Sequence Network For Encrypted Traffic Classification, IEEE CONFERENCE ON COMPUTER COMMUNICATIONS (IEEE INFOCOM 2019), 2019, 第 3 作者
（60） Deep Forest with LRRS Feature for Fine-grained Website Fingerprinting with Encrypted SSL/TLS, PROCEEDINGS OF THE 28TH ACM INTERNATIONAL CONFERENCE ON INFORMATION & KNOWLEDGE MANAGEMENT (CIKM '19), 2019, 第 3 作者
（61） A Comprehensive Study of Accelerating IPv6 Deployment, 2019 IEEE 38TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2019, 第 5 作者
（62） User Behavior Classification in Encrypted Cloud Camera Traffic, 2019 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM), 2019, 第 4 作者
（63） TLS/SSL Encrypted Traffic Classification with Autoencoder and Convolutional Neural Network, IEEE 20TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS / IEEE 16TH INTERNATIONAL CONFERENCE ON SMART CITY / IEEE 4TH INTERNATIONAL CONFERENCE ON DATA SCIENCE AND SYSTEMS (HPCC/SMARTCITY/DSS), 2018, 第 5 作者
（64） LaFFT: Length-Aware FFT Based Fingerprinting for Encrypted Network Traffic Classification, 2018 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2018, 第 4 作者
（65） Image-Set Based Collaborative Representation for Face Recognition in Videos, ADVANCES IN MULTIMEDIA INFORMATION PROCESSING - PCM 2017, PT II, 2018, 第 3 作者
（66） Classifying User Activities in the Encrypted WeChat Traffic, 2018 IEEE 37TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2018, 第 5 作者
（67） Identifying Gambling and Porn Websites with Image Recognition, ADVANCES IN MULTIMEDIA INFORMATION PROCESSING - PCM 2017, PT II, 2018, 第 3 作者
（68） How Is the Forged Certificates in the Wild: Practice on Large-Scale SSL Usage Measurement and Analysis, COMPUTATIONAL SCIENCE - ICCS 2018, PT III, 2018, 第 3 作者  通讯作者
（69） Old Habits Die Hard: Fingerprinting Websites on the Cloud, COMPUTATIONAL SCIENCE - ICCS 2018, PT III, 2018, 第 5 作者
（70） MaMPF: Encrypted Traffic Classification Based on Multi-Attribute Markov Probability Fingerprints, 2018 IEEE/ACM 26TH INTERNATIONAL SYMPOSIUM ON QUALITY OF SERVICE (IWQOS), 2018, 第 3 作者
（71） Auto-identification of Background Traffic Based on Autonomous Periodic Interaction, 2017 IEEE 36TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2017, 第 5 作者
（72） Video face recognition through multi-scale and optimization of margin distributions, INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE (ICCS 2017), 2017, 第 3 作者
（73） Discovering abnormal behaviors via HTTP header fields measurement, CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2017, 第 3 作者
（74） A network attack forensic platform against HTTP evasive behavior, JOURNAL OF SUPERCOMPUTING, 2017, 第 6 作者  通讯作者
（75） POSTER: A Comprehensive Study of Forged Certificates in the Wild, CCS'17: PROCEEDINGS OF THE 2017 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2017, 第 3 作者  通讯作者
（76） 支持多租户的网络测试床模拟流量标记和溯源模型, Multi-tenant Network Testbed Flow Watermarking and Provenance Tracing Model, 电子学报, 2017, 第 6 作者
（77） Identifying Malware with HTTP Content Type Inconsistency via Header-Payload Comparison, 2017 IEEE 36TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2017, 第 5 作者
（78） Metric Learning With Statistical Features For Network Traffic Classification, 2017 IEEE 36TH INTERNATIONAL PERFORMANCE COMPUTING AND COMMUNICATIONS CONFERENCE (IPCCC), 2017, 第 6 作者
（79） POSTER: An Empirical Measurement Study on Multi-tenant Deployment Issues of CDNs, CCS'17: PROCEEDINGS OF THE 2017 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2017, 第 3 作者
（80） Riemannian Optimization with Subspace Tracking for Low-rank Recovery, 2016 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2016, 第 5 作者
（81） 面向网络环境的SQL注入行为检测方法, Approach to detecting SQL injection behaviors in network environment, 通信学报, 2016, 第 2 作者
（82） 一种基于数据层的BGP网络前缀分类研究, Research on BGP Preifx Classiifcation Based on Data Panel, 信息网络安全, 2015, 第 3 作者
（83） HybridFA：一种基于统计的AC自动机空间优化技术, Hybrid FA: a memory reduction technique for the AC automata based on statistics, 通信学报, 2015, 第 1 作者
（84） Two-Phased Method for Detecting Evasive Network Attack Channels, CHINA COMMUNICATIONS, 2014, 第 2 作者  通讯作者
（85） Delta-K-2-tree for Compact Representation of Web Graphs, WEB TECHNOLOGIES AND APPLICATIONS, APWEB 2014, 2014, 第 2 作者  通讯作者
（86） 基于X.509证书测量的隐私泄露分析, X.509 Certificate Measurement Based Privacy Analysis, 计算机学报, 2014, 第 2 作者
（87） A Survey on Encrypted Traffic Classification, APPLICATIONS AND TECHNIQUES IN INFORMATION SECURITY, ATIS 2014, 2014, 第 2 作者  通讯作者
（88） POSTER: Mining Elephant Applications in Unknown Traffic by Service Clustering, CCS'14: PROCEEDINGS OF THE 21ST ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2014, 第 3 作者
（89） Two-Phased Method for Detecting Evasive Network Attack Channels, Two-Phased Method for Detecting Evasive Network Attack Channels, 中国通信：英文版, 2014, 第 2 作者
（90） 图数据表示与压缩技术综述, Survey on Succinct Representation of Graph Data, 软件学报, 2014, 第 3 作者
（91） 基于主机行为关联的加密P2P流量实时分类方法, Real-time classification of encrypted P2P traffic based on host behavior association, 高技术通讯, 2013, 第 1 作者
（92） A De-anonymize attack method based on traffic analysis, 2013 8TH INTERNATIONAL ICST CONFERENCE ON COMMUNICATIONS AND NETWORKING IN CHINA (CHINACOM), 2013, 第 2 作者
（93） 基于流分析的加密网络服务分类, 2013, 第 1 作者
（94） DNSSEC域名解析的形式化描述及量化分析研究, Formal Description and Quantitative Analysis of DNSSEC Resolution Service, 计算机研究与发展, 2012, 第 4 作者
（95） Few-shot encrypted traffic classification via multi-task representation enhanced meta-learning, COMPUTER NETWORKS, 第 2 作者

（1） 阻击黑客：技术、策略与案例, Thinking Security - Stopping Next Year‘s Hackers, 电子工业出版社, 2017-03, 第 2 作者

   

（1）基于AI的未知威胁流量检测   华为“网络天下”安全技术论坛   2023-05-27
（2）网络治理探索与实践：隐形的博弈   中国计算机大会（CNCC 2022）技术论坛    2022-12-08
（3）探索网络安全新困扰——全加密时代来临，网络安全何处去？   中国计算机大会（CNCC 2021）技术论坛   2021-12-17
（4）加密数据流量测量与行为分析   第六届网络空间安全国际研讨会   2021-05-28
（5）新型网络行为分析：挑战与探索   中国计算机大会（CNCC 2020）技术论坛   2020-10-23
（6）加密数据流量测量与行为分析   第十二届信息安全漏洞分析与风险评估大会（VARA 2019）   2019-09-08
（7）加密数据流量测量与行为分析   第七届互联网安全大会（ISC 2019）   2019-08-20
（8）FS-Net: A Flow Sequence Network For Encrypted Traffic Classification   2019国际计算机通信大会（INFOCOM 2019）   2019-04-28
（9）区块链网络测量与行为分析   2018中国区块链技术大会   2018-11-25
（10）SSL/TLS Security Exploration Through X.509 Certificate's Life Cycle Measurement   2018 IEEE计算机与通信会议（ISCC 2018）   2018-06-26
（11）大数据网络行为分析   2017网络安全生态峰会   2017-07-27
（12）Video face recognition through multi-scale and optimization of margin distributions   2017计算机科学国际会议（ICCS 2017）   2017-06-12
（13）面向网络安全的大数据网络行为分析   中国网络安全年会 2017（CNCERT 2017）   2017-05-24
（14）A Low-cost Detection Scheme on Fast-flux Malware Distribution   第37届IEEE安全和隐私研讨会（S&P 2016）   2016-05-23
（15）MimicHunter: A General Passive Network Protocol Mimicry Detection Framework   第14届计算与通讯中的可信、安全与隐私国际会议（TrustCom 2015）   2015-08-20
（16）Improving intrusion detection on SSL/TLS channels by classifying certificates   第17届国际攻击、入侵和防御研讨会（RAID 2014）   2014-09-18