Authors: Jonah Burgess, Philip O’Kane, Sakir Sezer, Domhnall Carlin
Source: Cybersecurity (Cyberspace Security Science and Technology, English edition), 2021, Issue 1, pp. 386-400 (15 pages)
Abstract: While consumers use the web to perform routine activities, they are under the constant threat of attack from malicious websites. Even when visiting ‘trusted’ sites, there is always a risk that site is compromised, and, hosting a malicious script. In this scenario, the injected script would typically force the victim’s browser to undergo a series of redirects before reaching an attacker-controlled domain, which, delivers the actual malware. Although these malicious redirection chains aim to frustrate detection and analysis efforts, they could be used to help identify web-based attacks. Building upon previous work, this paper presents the first known application of a Long Short-Term Memory (LSTM) network to detect Exploit Kit (EK) traffic, utilising the structure of HTTP redirects. Samples are processed as sequences, where each timestep represents a redirect and contains a unique combination of 48 features. The experiment is conducted using a ground-truth dataset of 1279 EK and 5910 benign redirection chains. Hyper-parameters are tuned via K-fold cross-validation (5f-CV), with the optimal configuration achieving an F1 score of 0.9878 against the unseen test set. Furthermore, we compare the results of isolated feature categories to assess their importance.
Keywords: Exploit kits; Malware; LSTM
Classification: TP393.08 [Automation and Computer Technology - Computer Application Technology]