Evaluating payload features for malware infection detection
Description
Analysis of malware-infected traffic data revealed the payload features that are the most effective for detecting infection. The attack traffic came from the D3M2012 dataset and the CCC DATAsets 2009, 2010, and 2011. Traffic flowing on an intranet at two different sites was used as normal traffic data. Since the type of malware (worm, Internet connection confirmation, etc.) affects the type of traffic generated, the malware was divided into three types (worm, Trojan horse, and file-infected virus), and the most effective features were identified for each type.

This is a preprint of an article intended for publication in the Journal of Information Processing (JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.22 (2014) No.2 (online), DOI http://dx.doi.org/10.2197/ipsjjip.22.376
Published in
- 情報処理学会論文誌 (IPSJ Journal) 55 (2), 2014-02-15
Details
- CRID: 1050564287857851008
- NII Article ID: 110009665024
- NII Bibliographic ID: AN00116647
- ISSN: 18827764
- Web Site: http://id.nii.ac.jp/1001/00098512/
- Text language code: en
- Material type: journal article
- Data source type: IRDB, CiNii Articles