Identifying encrypted malware traffic with contextual flow data

B Anderson, D McGrew - Proceedings of the 2016 ACM workshop on …, 2016 - dl.acm.org
Identifying threats contained within encrypted network traffic poses a unique set of
challenges. It is important to monitor this traffic for threats and malware, but do so in a way …

Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity

B Anderson, D McGrew - Proceedings of the 23rd ACM SIGKDD …, 2017 - dl.acm.org
The application of machine learning for the detection of malicious network traffic has been
well researched over the past several decades; it is particularly appealing when the traffic is …

Feature analysis of encrypted malicious traffic

AS Shekhawat, F Di Troia, M Stamp - Expert Systems with Applications, 2019 - Elsevier
In recent years there has been a dramatic increase in the number of malware attacks that
use encrypted HTTP traffic for self-propagation or communication. Antivirus software and …

Deciphering malware's use of TLS (without decryption)

B Anderson, S Paul, D McGrew - Journal of Computer Virology and …, 2018 - Springer
The use of TLS by malware poses new challenges to network threat detection because
traditional pattern-matching techniques can no longer be applied to its messages. However …

MalClassifier: Malware family classification using network flow sequence behaviour

BA AlAhmadi, I Martinovic - 2018 APWG Symposium on …, 2018 - ieeexplore.ieee.org
Anti-malware vendors receive daily thousands of potentially malicious binaries to analyse
and categorise before deploying the appropriate defence measure. Considering the …

GGFAST: Automating generation of flexible network traffic classifiers

J Piet, D Nwoji, V Paxson - Proceedings of the ACM SIGCOMM 2023 …, 2023 - dl.acm.org
When employing supervised machine learning to analyze network traffic, the heart of the
task often lies in developing effective features for the ML to leverage. We develop GGFAST …

Machine learning for encrypted malicious traffic detection: Approaches, datasets and comparative study

Z Wang, KW Fok, VLL Thing - Computers & Security, 2022 - Elsevier
As people's demand for personal privacy and data security becomes a priority, encrypted
traffic has become mainstream in the cyber world. However, traffic encryption is also …

Malware traffic detection using tamper resistant features

ZB Celik, RJ Walls, P McDaniel… - MILCOM 2015-2015 …, 2015 - ieeexplore.ieee.org
This paper presents a framework for evaluating the transport layer feature space of malware
heartbeat traffic. We utilize these features in a prototype detection system to distinguish …

DeepMAL - deep learning models for malware traffic detection and classification

G Marín, P Casas, G Capdehourat - … of the 3rd international data science …, 2021 - Springer
Robust network security systems are essential to prevent and mitigate the harming effects of
the ever-growing occurrence of network attacks. In recent years, machine learning-based …

Can encrypted traffic be identified without port numbers, IP addresses and payload inspection?

R Alshammari, AN Zincir-Heywood - Computer networks, 2011 - Elsevier
Identifying encrypted application traffic represents an important issue for many network tasks
including quality of service, firewall enforcement and security. Solutions should ideally be …