Analysis of sequential feature engineering and statistical features for malware behavior discovery

Bachelor thesis (2021)

Authors

M.P. Epifanov Electrical Engineering, Mathematics and Computer Science

Contributors

S.E. Verwer Cyber Security - (supervisor 1)

A. Nadeem Cyber Security - (supervisor 1)

M.A. Migut Computer Science & Engineering-Teaching Team - (coach)

Faculty

Electrical Engineering, Mathematics and Computer Science

Malpaca Network security Unsupervised Machine Learning

More Info

expand_more

To reference this document use:

http://resolver.tudelft.nl/uuid:d442df44-14bb-47e1-8dd7-89e281ae39a9

Published Date

01-07-2021

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Malware Packet-sequence Clustering and Analysis (MalPaCA) is a unsupervised clustering application for malicious network behavior, it currently uses solely sequential features to characterize network behavior. In this paper an extensive comparison between those features and statistical features is performed. During the comparison a better clustering performance achievable with statistical features for longer connection sequences is shown and advice on which features can be added to MalPaCA.

Files

ResearchPaper_MikhailEpifanov_... (.pdf)

(.pdf | 1.25 Mb)