Evaluating payload features for malware infection detection

Yusuke, Otsuki, Masatsugu, Ichino, Soichi, Kimura, Mitsuhiro, Hatada, Hiroshi, Yoshiura

Analysis of malware-infected traffic data revealed the payload features that are the most effective for detecting infection. The traffic data was attack traffic using the D3M2012 dataset and CCC DATAsets 2009, 2010, and 2011. Traffic flowing on an intranet at two different sites was used as normal traffic data. Since the type of malware (worm, Internet connection confirmation, etc.) affects the type of traffic generated, the malware was divided into three types―worm, Trojan horse, and file-infected virus―and the most effective features were identified for each type.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.22(2014) No.2 (online)DOI http://dx.doi.org/10.2197/ipsjjip.22.376------------------------------

Evaluating payload features for malware infection detection

この論文をさがす

説明

収録刊行物

キーワード

詳細情報詳細情報について

書き出し

問題の指摘

Evaluating payload features for malware infection detection

この論文をさがす

説明

収録刊行物

キーワード

詳細情報 詳細情報について

書き出し

問題の指摘

詳細情報詳細情報について