|
|
|
|
detecting bot networks based on http and tls traffic analysis
|
|
|
|
|
|
|
|
نویسنده
|
nafarieh zahra ,mahdipour ebrahim ,haj seyed javadi haj hamid
|
|
منبع
|
journal of advances in computer engineering and technology - 2020 - دوره : 6 - شماره : 2 - صفحه:61 -70
|
|
چکیده
|
Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. detecting of infected http communications is a big challenge because infected http connections are clearly merged with other types of http traffic. cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly engage in forbidden activities, while tls (transport layer security) protocols allow encrypted communication between client and server in the context of internet provides. methods of analyzing traffic behavior do not depend on payloads. this means that they can work with encrypted network communication protocols. traffic behavior analysis methods do not depend on package shipments, which means they can work with encrypted network communication protocols. hence, the analysis of tls and http traffic behavior has been considered for detecting malicious activities. because of the exchange of information in the network context is very high and the volume of information is very large, storing and indexing of this massive data require a big data platform.
|
|
کلیدواژه
|
bot networks ,http traffic analysis ,tls traffic analysis ,intrusion detection ,network security ,security threats
|
|
آدرس
|
islamic azad university, science and research branch, department of electrical and computer engineering, iran, islamic azad university, science and research branch, department of electrical and computer engineering, iran, shahed university, department of mathematics and computer science, iran
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|