ASAP : automatic semantics-aware analysis of network payloads
| dc.bibliographicCitation.seriesTitle | WIAS Preprints | eng |
| dc.bibliographicCitation.volume | 1502 | |
| dc.contributor.author | Krueger, Tammo | |
| dc.contributor.author | Krämer, Nicole | |
| dc.contributor.author | Rieck, Konrad | |
| dc.date.accessioned | 2016-03-24T17:38:37Z | |
| dc.date.available | 2019-06-28T08:05:16Z | |
| dc.date.issued | 2010 | |
| dc.description.abstract | Automatic inspection of network payloads is a prerequisite for effective analysis of network communication. Security research has largely focused on network analysis using protocol specifications, for example for intrusion detection, fuzz testing and forensic analysis. The specification of a protocol alone, however, is often not sufficient for accurate analysis of communication, as it fails to reflect individual semantics of network applications. We propose a framework for semantics-aware analysis of network payloads which automaticylly extracts semantic components from recorded network traffic. Our method proceeds by mapping network payloads to a vector space and identifying semantic templates corresponding to base directions in the vector space. We demonstrate the efficacy of semantics-aware analysis in different security applications: automatic discovery of patterns in honeypot data, analysis of malware communication and network intrusion detection. | eng |
| dc.description.version | publishedVersion | eng |
| dc.format | application/pdf | |
| dc.identifier.issn | 0946-8633 | |
| dc.identifier.uri | https://doi.org/10.34657/2027 | |
| dc.identifier.uri | https://oa.tib.eu/renate/handle/123456789/2288 | |
| dc.language.iso | eng | eng |
| dc.publisher | Berlin : Weierstraß-Institut für Angewandte Analysis und Stochastik | eng |
| dc.relation.issn | 0946-8633 | eng |
| dc.rights.license | This document may be downloaded, read, stored and printed for your own use within the limits of § 53 UrhG but it may not be distributed via the internet or passed on to external parties. | eng |
| dc.rights.license | Dieses Dokument darf im Rahmen von § 53 UrhG zum eigenen Gebrauch kostenfrei heruntergeladen, gelesen, gespeichert und ausgedruckt, aber nicht im Internet bereitgestellt oder an Außenstehende weitergegeben werden. | ger |
| dc.subject.ddc | 510 | eng |
| dc.subject.other | dimensionality reduction | eng |
| dc.subject.other | computer security | eng |
| dc.subject.other | intrusion detection | eng |
| dc.title | ASAP : automatic semantics-aware analysis of network payloads | eng |
| dc.type | Report | eng |
| dc.type | Text | eng |
| tib.accessRights | openAccess | eng |
| wgl.contributor | WIAS | eng |
| wgl.subject | Mathematik | eng |
| wgl.type | Report / Forschungsbericht / Arbeitspapier | eng |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 664831966.pdf
- Size:
- 370.45 KB
- Format:
- Adobe Portable Document Format
- Description: