| bibtype |
C -
Conference Paper (international conference)
|
| ARLID |
0507114 |
| utime |
20240103222342.8 |
| mtime |
20190731235959.9 |
| SCOPUS |
85030325858 |
| WOS |
000426964900077 |
| DOI |
10.1145/3098954.3107007 |
| title
(primary) (eng) |
End-node Fingerprinting for Malware Detection on HTTPS Data |
| specification |
| page_count |
7 s. |
| media_type |
P |
|
| serial |
| ARLID |
cav_un_epca*0507113 |
| ISBN |
978-1-4503-5257-4 |
| title
|
Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES'17) |
| page_num |
1-7 |
| publisher |
| place |
New York |
| name |
ACM |
| year |
2017 |
|
|
| keyword |
HTTPS data |
| keyword |
Malware detection |
| keyword |
Supervised learning |
| author
(primary) |
| ARLID |
cav_un_auth*0352238 |
| name1 |
Komárek |
| name2 |
T. |
| country |
CZ |
|
| author
|
| ARLID |
cav_un_auth*0101197 |
| name1 |
Somol |
| name2 |
Petr |
| full_dept (cz) |
Rozpoznávání obrazu |
| full_dept |
Department of Pattern Recognition |
| department (cz) |
RO |
| department |
RO |
| institution |
UTIA-B |
| full_dept |
Department of Pattern Recognition |
| fullinstit |
Ústav teorie informace a automatizace AV ČR, v. v. i. |
|
| source |
|
| cas_special |
| abstract
(eng) |
One of the current challenges in network intrusion detection research is the malware communicating over HTTPS protocol. Usually the task is to detect infected end-nodes with this type of malware by monitoring network traffc. The challenge lies in a very limited number of weak features that can be extracted from the network traffc capture of encrypted HTTP communication. This paper suggests a novel fingerprinting method that addresses this\nproblem by building a higher-level end-node representation on top of the weak features. Conducted large-scale experiments on real network data show superior performance of the proposed method over the state-of-the-art solution in terms of both a lower number of produced false alarms (precision) and a higher number of detected infections (recall). |
| action |
| ARLID |
cav_un_auth*0377822 |
| name |
the 12th International Conference on Availability, Reliability and Security (ARES'17) |
| dates |
20170829 |
| mrcbC20-s |
20170901 |
| place |
Reggio Calabria |
| country |
IT |
|
| RIV |
BC |
| FORD0 |
20000 |
| FORD1 |
20200 |
| FORD2 |
20204 |
| reportyear |
2020 |
| num_of_auth |
2 |
| presentation_type |
PR |
| inst_support |
RVO:67985556 |
| permalink |
http://hdl.handle.net/11104/0298533 |
| confidential |
S |
| article_num |
77 |
| mrcbC86 |
3+4 Proceedings Paper Computer Science Information Systems |
| mrcbC86 |
3+4 Proceedings Paper Computer Science Information Systems |
| mrcbC86 |
3+4 Proceedings Paper Computer Science Information Systems |
| arlyear |
2017 |
| mrcbU14 |
85030325858 SCOPUS |
| mrcbU24 |
PUBMED |
| mrcbU34 |
000426964900077 WOS |
| mrcbU63 |
cav_un_epca*0507113 Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES'17) 978-1-4503-5257-4 1 7 New York ACM 2017 |
|