All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

End-node Fingerprinting for Malware Detection on HTTPS Data

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F67985556%3A_____%2F17%3A00507114" target="_blank" >RIV/67985556:_____/17:00507114 - isvavai.cz</a>

  • Alternative codes found

    RIV/68407700:21230/17:00312831 RIV/61384399:31160/17:00051939

  • Result on the web

    <a href="http://dx.doi.org/10.1145/3098954.3107007" target="_blank" >http://dx.doi.org/10.1145/3098954.3107007</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1145/3098954.3107007" target="_blank" >10.1145/3098954.3107007</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    End-node Fingerprinting for Malware Detection on HTTPS Data

  • Original language description

    One of the current challenges in network intrusion detection research is the malware communicating over HTTPS protocol. Usually the task is to detect infected end-nodes with this type of malware by monitoring network traffc. The challenge lies in a very limited number of weak features that can be extracted from the network traffc capture of encrypted HTTP communication. This paper suggests a novel fingerprinting method that addresses thisnproblem by building a higher-level end-node representation on top of the weak features. Conducted large-scale experiments on real network data show superior performance of the proposed method over the state-of-the-art solution in terms of both a lower number of produced false alarms (precision) and a higher number of detected infections (recall).

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    20204 - Robotics and automatic control

Result continuities

  • Project

  • Continuities

    I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Others

  • Publication year

    2017

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES'17)

  • ISBN

    978-1-4503-5257-4

  • ISSN

  • e-ISSN

  • Number of pages

    7

  • Pages from-to

    1-7

  • Publisher name

    ACM

  • Place of publication

    New York

  • Event location

    Reggio Calabria

  • Event date

    Aug 29, 2017

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000426964900077

Similar results(10)

Monitoring malware communication channelsJoint Detection of Malicious Domains and Infected ClientsFeature Extraction and Malware Detection on Large HTTPS Data Using MapReduce