A network attack forensic platform against HTTP evasive behavior


With the increasing amounts of data streams and sophistication of attacks, there is a need for network forensic systems that store and examine very large amounts of network flow data. HTTP, as the most popular protocol on the Internet, is usually exploited to carry malware and evasive attacks besides the normal services. By analyzing HTTP evasive behaviors… (More)
DOI: 10.1007/s11227-016-1924-3


6 Figures and Tables