The search result changed since you submitted your search request. Documents might be displayed in a different sort order.
  • search hit 7 of 17
Back to Result List

Malware Detection by HTTPS Traffic Analysis

  • In order to evade detection by network-traffic analysis, a growing proportion of malware uses the encrypted HTTPS protocol. We explore the problem of detecting malware on client computers based on HTTPS traffic analysis. In this setting, malware has to be detected based on the host IP address, ports, timestamp, and data volume information of TCP/IP packets that are sent and received by all the applications on the client. We develop a scalable protocol that allows us to collect network flows of known malicious and benign applications as training data and derive a malware-detection method based on a neural networks and sequence classification. We study the method's ability to detect known and new, unknown malware in a large-scale empirical study.

Download full text files

Export metadata

Metadaten
Author details:Paul PrasseGND, Gerrit Gruben, Lukas Machlika, Tomas Pevny, Michal Sofka, Tobias SchefferORCiD
URN:urn:nbn:de:kobv:517-opus4-100942
Publication type:Preprint
Language:English
Date of first publication:2017/01/23
Publication year:2016
Publishing institution:Universität Potsdam
Release date:2017/01/23
Tag:computer security; machine learning
Number of pages:10
Organizational units:Mathematisch-Naturwissenschaftliche Fakultät
DDC classification:0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 004 Datenverarbeitung; Informatik
License (German):License LogoKeine öffentliche Lizenz: Unter Urheberrechtsschutz
Accept ✔
This website uses technically necessary session cookies. By continuing to use the website, you agree to this. You can find our privacy policy here.