Website Detection Using Remote Traffic Analysis [article]

Xun Gong, Negar Kiyavash, Nabíl Schear, Nikita Borisov
2011 arXiv   pre-print
To demonstrate the threat of such remote traffic analysis, we study a remote website detection attack that works against home broadband users.  ...  We also show how such website detection can be used to deanonymize message board users.  ...  As compared with previous work, using our remote traffic analysis technique for identifying websites introduces two additional challenges.  ... 
arXiv:1109.0097v1 fatcat:xheg2phwpbbgffkwlnwlcorzau

Website Detection Using Remote Traffic Analysis [chapter]

Xun Gong, Nikita Borisov, Negar Kiyavash, Nabil Schear
2012 Lecture Notes in Computer Science  
To demonstrate the threat of such remote traffic analysis, we study a remote website detection attack that works against home broadband users.  ...  We also show how such website detection can be used to deanonymize message board users.  ...  We show how this channel can be used to carry out a remote attack to detect a remote user's browsing patterns. This highlights the importance of traffic analysis attacks in today's connected Internet.  ... 
doi:10.1007/978-3-642-31680-7_4 fatcat:nyb6rnozfzakvnawms3jhoriva

Fingerprinting websites using remote traffic analysis

Xun Gong, Negar Kiyavash, Nikita Borisov
2010 Proceedings of the 17th ACM conference on Computer and communications security - CCS '10  
We demonstrate the threat of such remote traffic analysis by developing a remote website fingerprinting attack that works against home broadband users.  ...  This shows that remote traffic analysis represents a real threat to privacy on the Internet.  ...  As compared with the previous work, using remote traffic analysis for website fingerprinting introduces two additional challenges.  ... 
doi:10.1145/1866307.1866397 dblp:conf/ccs/GongKB10 fatcat:5th5spp3kva6hls7c3pldgvg3y

Hierarchy Website Fingerprint Using N-gram Byte Distribution

Mohammed Aldarwbi, Essa Shahra
2017 Transactions on Networks and Communications  
Websites classification based on traffic analysis has become a difficult problem due to the large number of websites within the internet.  ...  In this paper, a two-level websites' classification technique is proposed. At the first level, the traffic is classified to a general category such as sports, news, social, healthy, education, etc.  ...  Gong in [6] proposed work is trying to prove that the remote traffic analysis could be used by eavesdroppers.  ... 
doi:10.14738/tnc.56.3767 fatcat:hgx7c5fbmnhpfmtae4wi5tgmhy

Detection of Covert Botnet Command and Control Channels by Causal Analysis of Traffic Flows [chapter]

Pieter Burghouwt, Marcel Spruit, Henk Sips
2013 Lecture Notes in Computer Science  
Techniques as encryption, steganography, and recently the use of social network websites as a proxy, impede conventional detection of botnet communication.  ...  Identifying the direct causes of traffic flows, allows for real-time bot detection with a low exposure to malware, and offline forensic analysis of traffic.  ...  C&C communication that uses websites of popular services and social networks as a proxy, is an effective method to hide the C&C traffic, because malicious and legitimate traffic share the same destinations  ... 
doi:10.1007/978-3-319-03584-0_10 fatcat:l3ou5ke56bc3zavlb46jqahxte

Emerging and Unconventional: New Attacks and Innovative Detection Techniques

Luca Caviglione, Wojciech Mazurczyk, Steffen Wendzel, Sebastian Zander
2018 Security and Communication Networks  
Detection is the second area. Novel forms of detection are mandatory to counteract sophisticated malware or to perform traffic analysis in emerging and complex scenarios.  ...  amounts of unlabeled raw network traffic data using deep learning approaches.  ... 
doi:10.1155/2018/9672523 fatcat:wgxoc6njwnff7ojqnxbgz4wxxe

Cross-layer detection of malicious websites

Li Xu, Zhenxin Zhan, Shouhuai Xu, Keying Ye
2013 Proceedings of the third ACM conference on Data and application security and privacy - CODASPY '13  
In this paper, we propose an analysis of the corresponding network-layer traffic between the browser and the web server by incorporating the static analysis of website contents, which is conducted at the  ...  The insight of this approach is that the network-layer may expose useful information about malicious websites from a different perspective.  ...  Our Contributions We propose an analysis of the corresponding network-layer traffic between the browser and the web server by incorporating the static analysis of website contents.  ... 
doi:10.1145/2435349.2435366 dblp:conf/codaspy/XuZXY13 fatcat:67udwfwbf5hdxiohmzbutwshua

Analysis on Remote Access Trojan Role in Advance Persistent Threat: A Concern for Cyber Criminal Investigations

Julio Budiman
2016 Figshare  
The purpose of this study is to analyze one of the attack tools that can be used in an Advance Persistent Threat (APT), a Remote Access Trojan (RAT).  ...  Remote Access Trojan played a prominent role in many targeted cyber incidents throughout history.  ...  Screenshot 2-10: Luminosity Link On-Join Command Feature Remote Access Trojan Analysis Wireshark Wireshark is an advanced network analysis tools that allows the analyst to investigate network traffic  ... 
doi:10.6084/m9.figshare.3510224.v1 fatcat:vvt55nzgcbdxjfat6ftg6oopym

Traffic Fingerprinting Attacks on Internet of Things using Machine Learning

Monika Skowron, Artur Janicki, Wojciech Mazurczyk
2020 IEEE Access  
INDEX TERMS Internet of Things, machine learning, network traffic fingerprinting, privacy, traffic analysis.  ...  The second part introduces and validates a method for the devices' state detection based on pattern recognition with ML.  ...  TRAFFIC FINGERPRINTING A traffic analysis attack can be defined as network traffic monitoring to identify useful patterns in the traces that can be used for defense and detection of security risks (such  ... 
doi:10.1109/access.2020.2969015 fatcat:k6awfmm3ure5rl7udj4ea5squa

Detection of Malicious Servers for Preventing Client-Side Attacks

Khuda Bux, Muhammad Yousaf, Akhtar Hussain Jalbani, Komal Batool
2021 Mehran University Research Journal of Engineering and Technology  
First to detect malicious servers with passive detection which is often signature based. Second to detect the malicious servers with active detection often with dynamic malware analysis.  ...  In this paper, we have proposed a solution for the detection and prevention of malicious servers that use the Bro Intrusion Detection System (IDS) and VirusTotal API 2.0.  ...  The tool and techniques used for this are Bro IDS which depends on passive approach for detecting malicious servers by analysis of network traffic at the gateway. We are focusing on websites/ URL's.  ... 
doi:10.22581/muet1982.2101.20 doaj:50d9e66ce6ed4c8b882aebb50ce77eac fatcat:eo5jwk625rflnnsfqmcemtvmm4

Slow flooding attack detection in cloud using change point detection approach

Dr Baldev Singh, Dr S.N. Panda, Dr Gurpinder Singh Samra
2018 International Journal of Engineering & Technology  
Traffic of websites is observed by using remote JavaScript.  ...  Golden ratio is used to compute the threshold and this threshold is further used along with the computed metric values of normal and malicious traffic for flooding attack detection.  ...  The authors in [10] paper discussed about success of using an improved method for the detection of DDOS attack based on the analysis of multiple factors.  ... 
doi:10.14419/ijet.v7i2.30.13459 fatcat:qti644bhjzby5ovzhyob5csmtq

Performing Forensic Analysis on Network to Identify Malicious Traffic

Jonnadula Bala Harika
2020 International Journal of Advanced Trends in Computer Science and Engineering  
This paper proposes a Network forensics analysis framework to identify malicious threats in network traffic using Wireshark and generate alert using snort.  ...  Snort is used to detect network-based attacks using some rules and all activities on network traffic are recorded on Snort are stored in a log file.  ...  During the Initial Stage, examine the network traffic using network analysis tools.  ... 
doi:10.30534/ijatcse/2020/171922020 fatcat:dq6oshhbg5avzak7vgb6rjhfhu

Optimizing Rule on Open Source Firewall Using Content and PCRE Combination

Gandeva Bayu Satrya, Soo Young Shin
2015 Journal of Advances in Computer Networks  
The contribution of this paper is to provide a NIDS system that is more optimal and inexpensive in implementation because it uses Open Source Firewall of cyber-attacks.  ...  NIDS (Network Intrusion Detection System) is a software application that can see deeper into the network to prevent suspicious activity such as malicious software or unauthenticated activity.  ...  attack traffic using wireshark.  ... 
doi:10.18178/jacn.2015.3.4.188 fatcat:543wdgac2navbfo3gxcn3oqpcq

User-Assisted Host-Based Detection of Outbound Malware Traffic [chapter]

Huijun Xiong, Prateek Malhotra, Deian Stefan, Chehai Wu, Danfeng Yao
2009 Lecture Notes in Computer Science  
These types of traffic analysis may not catch stealthy attacks carried out by today's malware.  ...  We describe how our studies can be applied to detecting bot infection.  ...  They are counted as two different IP addresses in our analysis. (2) Many websites heavily use third-party content providers for multimedia contents or advertisements.  ... 
doi:10.1007/978-3-642-11145-7_23 fatcat:xfq7pff625ctvpwkdufcdnhl5m

Security Certification in Payment Card Industry

Sazzadur Rahaman, Gang Wang, Danfeng (Daphne) Yao
2019 Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security - CCS '19  
Our in-depth accuracy analysis also shows that PciCheckerLite's output is more precise than w3af.  ...  Then we use the testbed to examine the capability and limitations of PCI scanners and the rigor of the certification process.  ...  Network Traffic Analysis. We collected the incoming network requests from each of the scanners using the access log of our testbed.  ... 
doi:10.1145/3319535.3363195 dblp:conf/ccs/RahamanWY19 fatcat:tixdtxfbejacppssgg4vat6zrq