Project

General

Profile

Actions

Feature #1899

open

Detecting Malicious TCP Network Flows Based on Benford’s Law

Added by Victor Julien about 8 years ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

This is an interesting paper:

“Flow Size Difference” Can Make a Difference: Detecting Malicious TCP Network Flows Based on Benford’s Law

http://arxiv.org/pdf/1609.04214v1.pdf

Actions #1

Updated by Andreas Herz over 7 years ago

  • Assignee set to OISF Dev
Actions #2

Updated by Victor Julien about 5 years ago

  • Assignee changed from OISF Dev to Community Ticket
Actions #3

Updated by Philippe Antoine about 1 year ago

What is missing in Suricata to have this as post process ?

Actions

Also available in: Atom PDF