Boukhtouta et al., 2016 - Google Patents
Network malware classification comparison using DPI and flow packet headers
Boukhtouta et al., 2016
- Document ID
- 11150636957717657165
- Author
- Boukhtouta A
- Mokhov S
- Lakhdari N
- Debbabi M
- Paquet J
- Publication year
- 2016
- Publication venue
- Journal of Computer Virology and Hacking Techniques
Snippet
In order to counter cyber-attacks and digital threats, security experts must generate, share, and exploit cyber-threat intelligence generated from malware. In this research, we address the problem of fingerprinting maliciousness of traffic for the purpose of detection and …
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1425—Traffic logging, e.g. anomaly detection

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1416—Event detection, e.g. attack signature detection

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1441—Countermeasures against malicious traffic
            - H04L63/1458—Denial of Service

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1441—Countermeasures against malicious traffic
            - H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
          - H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
            - H04L63/0218—Distributed architectures, e.g. distributed firewalls

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
          - H04L63/0227—Filtering policies
            - H04L63/0245—Filtering by information in the payload

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
          - H04L63/0227—Filtering policies
            - H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL

- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1433—Vulnerability analysis

- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
              - G06F21/562—Static detection
                - G06F21/563—Static detection by source code analysis
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Boukhtouta et al. | | Network malware classification comparison using DPI and flow packet headers |
Kaur et al. | | Hybrid intrusion detection and signature generation using deep recurrent neural networks |
Sharma et al. | | User behavior analytics for anomaly detection using LSTM autoencoder-insider threat detection |
Salo et al. | | Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection |
Abdallah et al. | | Intrusion detection systems using supervised machine learning techniques: a survey |
Meng et al. | | Design of intelligent KNN-based alarm filter using knowledge-based alert verification in intrusion detection |
Ahmetoglu et al. | | A comprehensive review on detection of cyber-attacks: Data sets, methods, challenges, and future research directions |
Aleroud et al. | | Contextual information fusion for intrusion detection: a survey and taxonomy |
Amrollahi et al. | | Enhancing network security via machine learning: opportunities and challenges |
Vinayakumar et al. | | Improved DGA domain names detection and categorization using deep learning architectures with classical machine learning algorithms |
Manzoor et al. | | Network intrusion detection system using apache storm |
Kumar et al. | | Applications of machine learning techniques in the realm of cybersecurity |
Zwane et al. | | Ensemble learning approach for flow-based intrusion detection system |
Pillai et al. | | Hybrid unsupervised web-attack detection and classification–A deep learning approach |
Awadh et al. | | Intrusion detection model based on TF.IDF and C4.5 algorithms |
Islam et al. | | Real-time detection schemes for memory DoS (M-DoS) attacks on cloud computing applications |
Samha et al. | | Intrusion detection system using hybrid convolutional neural network |
Pallaprolu et al. | | Label propagation in big data to detect remote access Trojans |
Ismail et al. | | Incorporating known malware signatures to classify new malware variants in network traffic |
Zhumabekova et al. | | Determining Web Application Vulnerabilities Using Machine Learning Methods |
Patil et al. | | Learning to detect phishing web pages using lexical and string complexity analysis |
Nagle et al. | | Feature Extraction Based Classification Technique for Intrusion Detection System |
Molcer et al. | | Machine learning based network intrusion detection system for internet of things cybersecurity |
Pakmehr et al. | | DDoS attack detection techniques in IoT networks: a survey |
Elshafie et al. | | An Efficient Snort NIDSaaS based on Danger Theory and Machine Learning |