On the security of machine learning in malware C&C detection: A survey
J Gardiner, S Nagaraja - ACM Computing Surveys (CSUR), 2016 - dl.acm.org
One of the main challenges in security today is defending against malware attacks. As
trends and anecdotal evidence show, preventing these attacks, regardless of their …
The role of machine learning in cybersecurity
Machine Learning (ML) represents a pivotal technology for current and future information
systems, and many domains already leverage the capabilities of ML. However, deployment …
Detecting unknown encrypted malicious traffic in real time via flow interaction graph analysis
In this paper, we propose HyperVision, a realtime unsupervised machine learning (ML)
based malicious traffic detection system. Particularly, HyperVision is able to detect unknown …
The dropper effect: Insights into malware distribution with downloader graph analytics
Malware remains an important security threat, as miscreants continue to deliver a variety of
malicious programs to hosts around the world. At the heart of all the malware delivery …
Resident evil: Understanding residential IP proxy as a dark service
An emerging Internet business is residential proxy (RESIP) as a service, in which a provider
utilizes the hosts within residential networks (in contrast to those running in a datacenter) to …
A lustrum of malware network communication: Evolution and insights
Both the operational and academic security communities have used dynamic analysis
sandboxes to execute malware samples for roughly a decade. Network information derived …
SoK: Pragmatic assessment of machine learning for network intrusion detection
G Apruzzese, P Laskov… - 2023 IEEE 8th European …, 2023 - ieeexplore.ieee.org
Machine Learning (ML) has become a valuable asset to solve many real-world tasks. For
Network Intrusion Detection (NID), however, scientific advances in ML are still seen with …
Combating the evasion mechanisms of social bots
The detection and anti-detection of social botnets constitute an arms race that enables social
botnets to evolve quickly. Existing host-side detection approaches cannot easily detect every …
Scanning the internet for liveness
Internet-wide scanning depends on a notion of liveness: does a target IP address respond to
a probe packet? However, the interpretation of such responses, or lack of them, is nuanced …
Autoprobe: Towards automatic active malicious server probing using dynamic binary analysis
Malware continues to be one of the major threats to Internet security. In the battle against
cybercriminals, accurately identifying the underlying malicious server infrastructure (e.g., C&C …