Learning communication patterns for malware discovery in HTTPs data

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216208:11320/18:10374342 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F18%3A10374342)

  • Alternative codes found

    RIV/68407700:21230/18:00321114

  • Result on the web

    https://doi.org/10.1016/j.eswa.2018.02.010

  • DOI - Digital Object Identifier

    10.1016/j.eswa.2018.02.010 (http://dx.doi.org/10.1016/j.eswa.2018.02.010)

Alternative languages

  • Result language

    English

  • Original language name

    Learning communication patterns for malware discovery in HTTPs data

  • Original language description

    Encrypted communication on the Internet using the HTTPs protocol represents a challenging task for network intrusion detection systems. While it significantly helps to preserve users' privacy, it also limits a detection system's ability to understand the traffic and effectively identify malicious activities. In this work, we propose a method for modeling and representation of encrypted communication from logs of web communication. The idea is based on introducing communication snapshots of individual users' activity that model contextual information of the encrypted requests. This helps to compensate for the information hidden by the encryption. We then propose statistical descriptors of the communication snapshots that can be consumed by various machine learning algorithms for either supervised or unsupervised analysis of the data. In the experimental evaluation, we show that the presented approach can be used even on a large corpus of network traffic logs as the process of creation of the descriptors can be effectively implemented on a Hadoop cluster.

  • Czech name

  • Czech description

Classification

  • Type

    J_imp - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    GA15-08916S: Efficient subgraph discovery for petabyte-scale web analysis

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)

Others

  • Publication year

    2018

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Name of the periodical

    Expert Systems with Applications

  • ISSN

    0957-4174

  • e-ISSN

  • Volume of the periodical

    2018

  • Issue of the periodical within the volume

    101

  • Country of publishing house

    US - UNITED STATES

  • Number of pages

    14

  • Pages from-to

    129-142

  • UT code for WoS article

    000428498300009

  • EID of the result in the Scopus database

    2-s2.0-85042216186