Detecting Malware-Infected Hosts Using Templates of Multiple HTTP Requests
2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC 2020) (2020)
Abstract
In this paper, we propose a method for detecting malware-infected hosts with a high rate of detection and a low rate of false positives without using any data on benign communication. Based on the fact that many malware-infected hosts generate multiple HTTP requests, we propose a method using the templates of sets of those HTTP requests. For each malware, this method generates a template that comprises the set of templates of the HTTP requests that the malware generates. We call this set of templates a group template. It then detects malware-infected hosts by comparing the set of monitored HTTP requests with the group templates.
Keywords
Malware, Detection, Bot, Template
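
The group-template idea from the abstract, as an added sketch that is not the paper's algorithm or code: the templating rule (method, path with digit-bearing segments wildcarded, sorted query keys), the coverage score, the 0.8 threshold, and all names and sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

def request_template(method, url):
    """Reduce one HTTP request to a template (assumed rule, not the paper's)."""
    parts = urlsplit(url)
    # Assumption: path segments containing digits are per-request values.
    segs = ["<*>" if re.search(r"\d", s) else s for s in parts.path.split("/")]
    # Keep query parameter names, drop their values; the host is ignored.
    keys = tuple(sorted(k for k, _ in parse_qsl(parts.query, keep_blank_values=True)))
    return (method.upper(), "/".join(segs), keys)

def group_template(requests):
    """Group template: the set of request templates one malware produces."""
    return frozenset(request_template(m, u) for m, u in requests)

def match_score(group, monitored):
    """Fraction of the group's request templates seen in a host's traffic."""
    seen = {request_template(m, u) for m, u in monitored}
    return len(group & seen) / len(group)

def detect(groups, host_requests, threshold=0.8):
    """Names of group templates that the host's request set covers."""
    return sorted(n for n, g in groups.items()
                  if match_score(g, host_requests) >= threshold)

# Constructed sample data (hypothetical family name, URLs and hosts).
GROUPS = {"family_a": group_template([
    ("GET", "http://c2.example/gate.php?id=123&v=2"),
    ("POST", "http://c2.example/upload/8841/data.bin"),
    ("GET", "http://c2.example/cfg/update.txt"),
])}
INFECTED_HOST = [  # same request shapes, different host and values
    ("GET", "http://cdn.example/gate.php?v=3&id=999"),
    ("POST", "http://cdn.example/upload/17/data.bin"),
    ("GET", "http://cdn.example/cfg/update.txt"),
    ("GET", "http://news.example/index.html"),
]
BENIGN_HOST = [  # shares only one request shape with the group
    ("GET", "http://site.example/cfg/update.txt"),
    ("GET", "http://site.example/index.html"),
]

if __name__ == "__main__":
    print(detect(GROUPS, INFECTED_HOST))  # covers all three templates
    print(detect(GROUPS, BENIGN_HOST))    # one of three, below threshold
```

In this sketch a host that happens to produce one request matching a single template is not flagged, because the decision is made on coverage of the whole set.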