Evaluating payload features for malware infection detection (Preprint)
スポンサーリンク
概要
- 論文の詳細を見る
Analysis of malware-infected traffic data revealed the payload features that are the most effective for detecting infection. The traffic data was attack traffic using the D3M2012 dataset and CCC DATAsets 2009, 2010, and 2011. Traffic flowing on an intranet at two different sites was used as normal traffic data. Since the type of malware (worm, Internet connection confirmation, etc.) affects the type of traffic generated, the malware was divided into three types-worm, Trojan horse, and file-infected virus-and the most effective features were identified for each type.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.22(2014) No.2 (online)------------------------------
- 2014-02-15
著者
-
Hiroshi Yoshiura
The University of Electro-Communications
-
Masatsugu Ichino
The University of Electro-Communications
-
Soichi Kimura
The University of Electro-Communications
-
Yusuke Otsuki
The University of Electro-Communications
-
Mitsuhiro Hatada
NTT Communications Corporation
関連論文
- Reducing Communication Complexity of Random Number Bitwise-Sharing for Efficient Multi-party Computation (preprint)
- Evaluating payload features for malware infection detection (Preprint)