Abstract: With the widespread adoption of encryption, payload-based intrusion detection has become infeasible, leaving a critical gap in identifying malicious activity within encrypted traffic. While ...