LE QUY DON
Technical University
VietnameseClear Cookie - decide language by browser settings

A research on clustering and identifying automated communication in the HTTP environment

Tran, M.C. and Thi, N.Q. and Tien, N.T. and Phuc, N.X. and Minh, N.H. (2020) A research on clustering and identifying automated communication in the HTTP environment. In: 4th International Conference on Research in Intelligent and Computing in Engineering, RICE 2019, 8 August 2019 through 9 August 2019.

Text (PDF)
1. Manh Rice 2019 2020 04 10 ISI.pdf - Published Version

Download (236kB) | Preview

Abstract

A lot of HTTP traffics are unnoticed to users because they are automatically generated from software. This caused by HTTP protocol characteristics. For the purpose of communication with servers, HTTP-based applications always automatically and actively send requests to their hosts because HTTPs are designed as connectionless protocols. In addition, all kinds of HTTP communications from software such as a bot, adware, and normal web accesses are mixed clearly. This raises the requirement for clarification of HTTP traffics. Most previous studies concentrated on HTTP-based malicious bot traffics, however, graywares such as adware or unauthorized applications are also becoming serious internal threats since they can stealth sensitive information or web usage experiences from infected systems. In this study, a new method for clustering and identifying HTTP communications is proposed. It focuses on analyzing of HTTP-based software Internet access behaviors. The method is tested with real outbound HTTP communication of a private network. Examination showed improved results with an accuracy rate of 91.18% in clustering and identifying HTTP automated communications. © Springer Nature Singapore Pte Ltd. 2020.

Item Type: Conference or Workshop Item (Paper)
Divisions: Institutes > Institute of System Integration
Identification Number: 10.1007/978-981-15-2780-7_111
Uncontrolled Keywords: Hypertext systems; Intelligent computing; Malware; Accuracy rate; Automatically generated; HTTP protocols; HTTP traffic; Infected systems; Internet access; Private networks; Sensitive informations; HTTP
Additional Information: Conference code: 239099. Language of original document: English.
URI: http://eprints.lqdtu.edu.vn/id/eprint/9152

Actions (login required)

View Item
View Item