Artificial intelligence methods have often been applied to carry out specific functions or errands in the cyber-defense realm. However, as adversary methods become more complex and difficult to divine, piecemeal efforts to understand cyber-attacks, and malware-based attacks in particular, are not providing sufficient means for malware analysts to understand the past, present and future distinctiveness of malware. Because, most of the malware communications take place-utilizing services. These services are completely anonymous and monitoring such services is a hard task. To address this issue, this paper proposes a novel traffic analysis scheme using correlation methods (non-parametric approach). Experiments are performed to validate the proposed approach on the real time traffic data collected over the period of 1 week. The experimental results confirm that the proposed method outperforms the existing state of the art traffic analysis schemes. The result also exhibits the traffic classification performance, which is analyzed by the decade old nearest neighbor method.