Network traffic analysis

BOTection: Bot Detection by Building Markov Chain Models of Bots Network Behavior

Botnets continue to be a threat to organizations, thus various machine learning-based botnet detectors have been proposed. However, the capability of such systems in detecting new or unseen botnets is crucial to ensure their robustness against the …

On the Resilience of Network-based Moving Target Defense Techniques Against Host Profiling Attacks

Researchers propose Moving Target Defense (MTD) strategies for networking infrastructures as a countermeasure to impede attackers from identifying and exploiting vulnerable network hosts. In this paper, we investigate the weaknesses of Network-based …

DART: Detecting Unseen Malware Variants using Adaptation Regularization Transfer Learning

Network traffic analysis has been widely used for detecting malware at a large-scale network. Nevertheless, the emerging malware variants and zero-day exploits keep posing significant challenges to malware detection systems. In this paper, we propose …

MalAlert: Detecting Malware in Large-Scale Network Traffic Using Statistical Features

In recent years, we witness the spreading of a significant variety of malware, which operate and propagate relying on network communications. Due to the staggering growth of traffic in the last years, detecting malicious software has become …

Lexical Mining of Malicious URLs for Classifying Android Malware

The prevalence of mobile malware has become a growing issue given the tight integration of mobile systems with our daily life. Most malware programs use URLs inside network traffic to forward commands to launch malicious activities. Therefore, the …

The Dark Side (-Channel) of Mobile Devices: A Survey on Network Traffic Analysis

In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for …

Robust smartphone app identification via encrypted network traffic analysis

The apps installed on a smartphone can reveal much information about a user, such as their medical conditions, sexual orientation, or religious beliefs. Additionally, the presence or absence of particular apps on a smartphone can inform an adversary who …

Appscanner: Automatic fingerprinting of smartphone apps from encrypted network traffic

Automatic fingerprinting and identification of smartphone apps is becoming a very attractive data gathering technique for adversaries, network administrators, investigators and marketing agencies. In fact, the list of apps installed on a device can …

Analyzing Android Encrypted Network Traffic to Identify User Actions

Mobile devices can be maliciously exploited to violate the privacy of people. In most attack scenarios, the adversary takes the local or remote control of the mobile device, by leveraging a vulnerability of the system, hence sending back the …

Can't You Hear Me Knocking: Identification of User Actions on Android Apps via Traffic Analysis

While smartphone usage becomes more and more pervasive, people start also asking to which extent such devices can be maliciously exploited as “tracking devices”. The concern is not only related to an adversary taking physical or remote control of the …