Malicious traffic identification holds significant importance in cyberspace security. Combining deep learning with time series analysis techniques is a recent trend in solving this problem. Most of these approaches only capture the temporal correlation within a flow. The accuracy and robustness are unsatisfactory. How to learn a representation with a strong generalization ability for each encrypted traffic flow remains a key challenge. Our detailed analysis indicates that there are some graph structures in encrypted traffic flows. This study aims to investigate a Graph-driven malicious traffic recognition model that performing well in both analysis accuracy and scalability.