SwePub
Sök i LIBRIS databas

  Extended search

onr:"swepub:oai:DiVA.org:kth-308511"
 

Search: onr:"swepub:oai:DiVA.org:kth-308511" > Using Features of E...

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist
  • Afzal, Zeeshan,1991-Karlstads universitet,KTH,Nätverk och systemteknik,Karlstad University Karlstad Sweden,Institutionen för matematik och datavetenskap (from 2013),KTH Royal Institute of Technology, Sweden,Datavetenskap, Computer Science (author)

Using Features of Encrypted Network Traffic to Detect Malware

  • Article/chapterEnglish2021

Publisher, publication year, extent ...

  • 2021-03-03
  • Cham :Springer Science and Business Media Deutschland GmbH,2021
  • printrdacarrier

Numbers

  • LIBRIS-ID:oai:DiVA.org:kth-308511
  • https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-308511URI
  • https://doi.org/10.1007/978-3-030-70852-8_3DOI
  • https://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-81466URI

Supplementary language notes

  • Language:English
  • Summary in:English

Part of subdatabase

Classification

  • Subject category:ref swepub-contenttype
  • Subject category:kon swepub-publicationtype

Notes

  • Part of proceedings: ISBN 9783030708511, QC 20230118
  • Artikeln ingick som manuskript i Afzals (2020) doktorsavhandling Life of a Security Middlebox: Challenges with Emerging Protocols and Technologies
  • Encryption on the Internet is as pervasive as ever. This has protected communications and enhanced the privacy of users. Unfortunately, at the same time malware is also increasingly using encryption to hide its operation. The detection of such encrypted malware is crucial, but the traditional detection solutions assume access to payload data. To overcome this limitation, such solutions employ traffic decryption strategies that have severe drawbacks. This paper studies the usage of encryption for malicious and benign purposes using large datasets and proposes a machine learning based solution to detect malware using connection and TLS metadata without any decryption. The classification is shown to be highly accurate with high precision and recall rates by using a small number of features. Furthermore, we consider the deployment aspects of the solution and discuss different strategies to reduce the false positive rate.

Subject headings and genre

Added entries (persons, corporate bodies, meetings, titles ...)

  • Brunström, Anna,1967-Karlstads universitet,Institutionen för matematik och datavetenskap (from 2013),Datavetenskap, Computer Science(Swepub:kau)annabrun (author)
  • Lindskog, Stefan,1967-Karlstads universitet,Institutionen för matematik och datavetenskap (from 2013),SINTEF Digital, Trondheim, NOR,Datavetenskap, Computer Science(Swepub:kau)steflind (author)
  • KTHNätverk och systemteknik (creator_code:org_t)

Related titles

  • In:25th Nordic Conference on Secure IT Systems, NordSec 2020Cham : Springer Science and Business Media Deutschland GmbH, s. 37-53
  • In:Secure IT SystemsCham : Springer Science and Business Media Deutschland GmbH, s. 37-5397830307085119783030708528

Internet link

Find in a library

To the university's database

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist

Find more in SwePub

By the author/editor
Afzal, Zeeshan, ...
Brunström, Anna, ...
Lindskog, Stefan ...
About the subject
NATURAL SCIENCES
NATURAL SCIENCES
and Computer and Inf ...
and Computer Science ...
NATURAL SCIENCES
NATURAL SCIENCES
and Computer and Inf ...
Articles in the publication
25th Nordic Conf ...
Secure IT System ...
By the university
Royal Institute of Technology
Karlstad University

Search outside SwePub

Wikipedia about the author:
Zeeshan_Afzal
Afzal, Zeeshan,1991-
en

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

 
pil uppåt Close

Copy and save the link in order to return to this view