Hfinger: Malware HTTP Request Fingerprinting
Authors
Abstract
Similar resources
Towards Sound HTTP Request Causation Inference
Network traces are a useful tool in understanding how users navigate the web. Knowing the sequence of pages that led a user to arrive at a malicious website can help researchers develop techniques to prevent users from reaching such sites. Nevertheless, inferring sound causation between HTTP requests is a challenging task. Previous work often inferred these relationships without proper calibrat...
HTTP header heuristics for malware detection
Sophisticated malware, such as those used by Advanced Persistent Threat (APT) groups, will attempt to avoid detection wherever and whenever it can. However, even the stealthiest malware will have to communicate at some point, and when it does so, it provides an opportunity for detection. This paper looks at a number of techniques to identify the presence of malware which attempts to masquer...
Scalable fine-grained behavioral clustering of HTTP-based malware
A large number of today’s botnets leverage the HTTP protocol to communicate with their botmasters or perpetrate malicious activities. In this paper, we present a new scalable system for network-level behavioral clustering of HTTP-based malware that aims to efficiently group newly collected malware samples into malware family clusters. The end goal is to obtain malware clusters that can aid the ...
SandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion
To cope with the ever-increasing volume of malware samples, automated program analysis techniques are inevitable. Malware sandboxes in particular have become the de facto standard to extract a program’s behavior. However, the strong need to automate program analysis also bears the risk that anyone that can submit programs to learn and leak the characteristics of a particular sandbox. We introdu...
Detecting Information Leakage via a HTTP Request Based on the Edit Distance
Recently, we often face the problem of information leakage. In a lot of routes of leakage, the number of leakage victims via the Internet makes up approximately the half of all leakage victims. The cause of leakage via the Internet is divided into human action and malware such as spyware. For example, it occurs when human writes on the bulletin board and spyware works. Especially a technical co...
Journal
Journal title: Entropy
Year: 2021
ISSN: 1099-4300
DOI: 10.3390/e23050507