Abstract:
Malicious encrypted traffic poses a great threat to cyberspace owing to its ability to bypass traditional traffic detection schemes. Detecting malicious encrypted traffic is a challenging task that has attracted researchers' attention. Specifically, the detection task suffers from difficult feature mining and unsatisfactory results. Therefore, a mining-policy-based detection scheme is proposed, which mines more efficient features using a rule-based mining strategy and achieves a good learning effect with the machine learning algorithm LightGBM. In this scheme, raw traffic is parsed into log files with Bro, and features are extracted based on the connection tetrad. Accordingly, a rule-based feature mining strategy built on several rules is proposed. The features are then fed to LightGBM to train a detection model. A set of experiments shows that the feature mining strategy is effective and that our work improves the detection of malicious encrypted traffic. © 2020 ACM.
Year: 2020
Page: 130-135
Language: English
SCOPUS Cited Count: 3
ESI Highly Cited Papers on the List: 0
30 Days PV: 5