Abstract:
To address the difficulty of detecting encrypted threats and of supervising encrypted services and encrypted traffic under railway network security requirements, and in particular the insufficient granularity of encrypted traffic analysis and insufficient technical support, this paper designs an intelligent monitoring system for railway network encrypted traffic based on intelligent algorithm collaboration. The system is composed of a data acquisition subsystem, a feature modeling subsystem, an intelligent analysis subsystem and a configuration management subsystem. The paper describes two key technologies: application type identification of encrypted traffic based on the ELMo+LSTM+Self-Attention model, and anomaly identification of encrypted traffic based on a two-stage Long Short-Term Memory (LSTM) network. The system helps to improve encrypted traffic monitoring technology and enhance the comprehensive defense capability of railway network security, and provides technical support for the safe operation and maintenance of networks and information systems in the railway field in the future.