FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1912382034> ?p ?o ?g. }

• W1912382034 endingPage "40" @default.
• W1912382034 startingPage "21" @default.
• W1912382034 abstract "Abstract. Botmasters increasingly encrypt command-and-control (C&C) communication to evade existing intrusion detection systems. Our detailed C&C traffic analysis shows that at least ten prevalent malware families avoid well-known C&C carrier protocols, such as IRC and HTTP. Six of these families - e.g., Zeus P2P, Pramro, Virut, and Sality - do not exhibit any characteristic n-gram that could serve as payload-based signature in an IDS.Given knowledge of the C&C encryption algorithms, we detect these evasive C&C protocols by decrypting any packet captured on the network. In order to test if the decryption results in messages that stem from malware, we propose ProVex, a system that automatically derives probabilistic vectorized signatures. ProVex learns characteristic values for fields in the C&C protocol by evaluating byte probabilities in C&C input traces used for training. This way, we identify the syntax of C&C messages without the need to manually specify C&C protocol semantics, purely based on network traffic. Our evaluation shows that ProVex can detect all studied malware families, most of which are not detectable with traditional means. Despite its naive approach to decrypt all traffic, we show that ProVex scales up to multiple Gbit/s line speed networks." @default.
• W1912382034 created "2016-06-24" @default.
• W1912382034 creator A5033589837 @default.
• W1912382034 creator A5066046654 @default.
• W1912382034 date "2013-01-01" @default.
• W1912382034 modified "2023-09-23" @default.
• W1912382034 title "ProVeX: Detecting Botnets with Encrypted Command and Control Channels" @default.
• W1912382034 cites W126407768 @default.
• W1912382034 cites W1504161274 @default.
• W1912382034 cites W1553308705 @default.
• W1912382034 cites W1968061803 @default.
• W1912382034 cites W1976866799 @default.
• W1912382034 cites W1985987493 @default.
• W1912382034 cites W2021753915 @default.
• W1912382034 cites W2049867480 @default.
• W1912382034 cites W2074231493 @default.
• W1912382034 cites W2083183119 @default.
• W1912382034 cites W2092756033 @default.
• W1912382034 cites W2115675703 @default.
• W1912382034 cites W2121972959 @default.
• W1912382034 cites W2126881776 @default.
• W1912382034 cites W2131875129 @default.
• W1912382034 cites W2148560273 @default.
• W1912382034 cites W324032601 @default.
• W1912382034 cites W85558978 @default.
• W1912382034 doi "https://doi.org/10.1007/978-3-642-39235-1_2" @default.
• W1912382034 hasPublicationYear "2013" @default.
• W1912382034 type Work @default.
• W1912382034 sameAs 1912382034 @default.
• W1912382034 citedByCount "34" @default.
• W1912382034 countsByYear W19123820342013 @default.
• W1912382034 countsByYear W19123820342014 @default.
• W1912382034 countsByYear W19123820342015 @default.
• W1912382034 countsByYear W19123820342016 @default.
• W1912382034 countsByYear W19123820342017 @default.
• W1912382034 countsByYear W19123820342018 @default.
• W1912382034 countsByYear W19123820342019 @default.
• W1912382034 countsByYear W19123820342020 @default.
• W1912382034 countsByYear W19123820342021 @default.
• W1912382034 countsByYear W19123820342022 @default.
• W1912382034 crossrefType "book-chapter" @default.
• W1912382034 hasAuthorship W1912382034A5033589837 @default.
• W1912382034 hasAuthorship W1912382034A5066046654 @default.
• W1912382034 hasConcept C110875604 @default.
• W1912382034 hasConcept C111919701 @default.
• W1912382034 hasConcept C148730421 @default.
• W1912382034 hasConcept C22735295 @default.
• W1912382034 hasConcept C31258907 @default.
• W1912382034 hasConcept C38652104 @default.
• W1912382034 hasConcept C41008148 @default.
• W1912382034 hasConcept C506615639 @default.
• W1912382034 hasConcept C76155785 @default.
• W1912382034 hasConceptScore W1912382034C110875604 @default.
• W1912382034 hasConceptScore W1912382034C111919701 @default.
• W1912382034 hasConceptScore W1912382034C148730421 @default.
• W1912382034 hasConceptScore W1912382034C22735295 @default.
• W1912382034 hasConceptScore W1912382034C31258907 @default.
• W1912382034 hasConceptScore W1912382034C38652104 @default.
• W1912382034 hasConceptScore W1912382034C41008148 @default.
• W1912382034 hasConceptScore W1912382034C506615639 @default.
• W1912382034 hasConceptScore W1912382034C76155785 @default.
• W1912382034 hasLocation W19123820341 @default.
• W1912382034 hasOpenAccess W1912382034 @default.
• W1912382034 hasPrimaryLocation W19123820341 @default.
• W1912382034 hasRelatedWork W1499648394 @default.
• W1912382034 hasRelatedWork W1975280420 @default.
• W1912382034 hasRelatedWork W2130216882 @default.
• W1912382034 hasRelatedWork W2182674428 @default.
• W1912382034 hasRelatedWork W2596503800 @default.
• W1912382034 hasRelatedWork W2771198651 @default.
• W1912382034 hasRelatedWork W2898126008 @default.
• W1912382034 hasRelatedWork W2993833625 @default.
• W1912382034 hasRelatedWork W3076212043 @default.
• W1912382034 hasRelatedWork W86804927 @default.
• W1912382034 isParatext "false" @default.
• W1912382034 isRetracted "false" @default.
• W1912382034 magId "1912382034" @default.
• W1912382034 workType "book-chapter" @default.