Sciweavers

Free Online Productivity Tools i2Speak i2Symbol i2OCR iTex2Img iWeb2Print iWeb2Shot i2Type iPdf2Split iPdf2Merge i2Bopomofo i2Arabic i2Style i2Image i2PDF iLatex2Rtf Sci2ools

11

DIMVA
2008

favoriteEmaildiscussreport

76views Computer Networks» more DIMVA 2008»

Traffic Aggregation for Malware Detection

13 years 6 months ago

Traffic Aggregation for Malware Detection

Download www.ece.cmu.edu

Abstract. Stealthy malware, such as botnets and spyware, are hard to detect because their activities are subtle and do not disrupt the network, in contrast to DoS attacks and aggressive worms. Stealthy malware, however, does communicate to exfiltrate data to the attacker, to receive the attacker's commands, or to carry out those commands. Moreover, since malware rarely infiltrates only a single host in a large enterprise, these communications should emerge from multiple hosts within coarse temporal proximity to one another. In this paper, we describe a system called T

Ting-Fang Yen, Michael K. Reiter

Real-time Traffic

Computer Networks | DIMVA 2008 | Infected Hosts | Internal Hosts | Stealthy Malware |

claim paper

Related Content

» Defending Mobile Phones from Proximity Malware

» Automatic malware categorization using cluster ensemble

» Detecting Malware Outbreaks Using a Statistical Model of Blackhole Traffic

» Detecting Traffic Anomalies through Aggregate Analysis of Packet Header Data

» Siren Catching Evasive Malware Short Paper

» Observing Internet Worm and Virus Attacks with a Small Network Telescope

» Browser Fingerprinting from Coarse Traffic Summaries Techniques and Implications

» Detecting and Identifying Network Anomalies by Component Analysis

» Analyzing network traffic to detect selfdecrypting exploit code

Post Info
More Details (n/a)

Added	29 Oct 2010
Updated	29 Oct 2010
Type	Conference
Year	2008
Where	DIMVA
Authors	Ting-Fang Yen, Michael K. Reiter

Comments (0)