Paper Abstract and Keywords |
Presentation |
2013-03-08 14:50
A Study on Malware Traffic Detection by Using N-gram Probability Density Kenji Kawamoto (Waseda Univ.), Masatsugu Ichino, Yusuke Otsuki (Univ. of Electro-Comm.), Mitsuhiro Hatada (NTT), Hiroshi Yoshiura (Univ. of Electro-Comm.), Jiro Katto (Waseda Univ.) LOIS2012-102 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
The threat of malware is increasing.
Malware detection has thus become important for the safety of the Internet usage.
In this paper,
our goal is to classify Internet traffic into normal or anomalous class correctly to prevent malware from spreading through the Internet.
To stop malware, we are focusing on the time series changes between normal and malware traffic.
We propose a malware detection method by using N-gram to handle time series changes.
Classification of Internet traffic into normal or anomoalous class is done by using posterior probability calculated by nearest neighbor density estimation.
We use CCCDATAset2010,2011 as malware traffic,
and application traffic captured dby a PC as normal traffic. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
malware detection / pattern recognition / N-gram / nearest neighbor density estimation / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 112, no. 466, LOIS2012-102, pp. 191-196, March 2013. |
Paper # |
LOIS2012-102 |
Date of Issue |
2013-02-28 (LOIS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
LOIS2012-102 |
|