Yang et al., 2016 - Google Patents
A multi-level feature extraction technique to detect moble botnet
Yang et al., 2016
- Document ID
- 10933691937103557748
- Author
- Yang M
- Wen Q
- Publication year
- Publication venue
- 2016 2nd IEEE International Conference on Computer and Communications (ICCC)
Snippet
Android malware detection has been heavily studied, which classical android malware detecting approaches are signature-based or behavior-based detection based on the files itself, but little attention has been directed to the network traffics generated by android …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/36—Image preprocessing, i.e. processing the image information without deciding about the identity of the image
- G06K9/46—Extraction of features or characteristics of the image
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11783035B2 (en) | | Multi-representational learning models for static analysis of source code |
US11323466B2 (en) | | Malicious HTTP cookies detection and clustering |
Wang et al. | | Detecting android malware leveraging text semantics of network flows |
US10853484B2 (en) | | Cookies watermarking in malware analysis |
US11816214B2 (en) | | Building multi-representational learning models for static analysis of source code |
Wang et al. | | Seeing through network-protocol obfuscation |
CA2966408C (en) | | A system and method for network intrusion detection of covert channels based on off-line network traffic |
US11636208B2 (en) | | Generating models for performing inline malware detection |
US11374946B2 (en) | | Inline malware detection |
WO2018076697A1 (en) | | Method and apparatus for detecting zombie feature |
Zhang et al. | | ScanMe mobile: a cloud-based Android malware analysis service |
Matoušek et al. | | On reliability of JA3 hashes for fingerprinting mobile applications |
Gomez et al. | | Unsupervised detection and clustering of malicious tls flows |
Singh et al. | | A comparative review of malware analysis and detection in HTTPs traffic |
Yang et al. | | A multi-level feature extraction technique to detect moble botnet |
JP2024023875A (en) | | Inline malware detection |
Singh | | Classification of Malware in HTTPs Traffic Using Machine Learning Approach |
Singh et al. | | RETRACTED: A hybrid layered architecture for detection and analysis of network based Zero-day attack |
Woodiss-Field et al. | | Towards evaluating the effectiveness of botnet detection techniques |
Alageel et al. | | EarlyCrow: Detecting APT malware command and control over HTTP(S) using contextual summaries |
Su et al. | | Mobile traffic identification based on application's network signature |
Ramos et al. | | A Machine Learning Based Approach to Detect Stealthy Cobalt Strike C&C Activities from Encrypted Network Traffic |
Kim et al. | | HAS-Analyzer: Detecting HTTP-based C&C based on the Analysis of HTTP Activity Sets |
Ahlgren | | Local And Network Ransomware Detection Comparison |
Patel | | Mining Ransomware Signatures from Network Traffic |