HAS-Analyzer: Detecting HTTP-based C&C based on the Analysis of HTTP Activity Sets

Authors

  • Sung-Jin Kim
  • Sungryoul Lee
  • Byungchul Bae
Abstract

We focus on two distinctive features of HTTP-based C&C traffic by analyzing HTTP activity sets. First, C&Cs show a few connections at a time (low-density). Second, contents within a request or a response change frequently among consecutive C&Cs (content-change). Based on these two features, we propose a C&C analysis mechanism that detects unknown HTTP-based C&Cs with low false-positives.


Journal title:
  • TIIS

Volume 8  Issue 

Pages  -

Publication date 2014