Feature #1899: Detecting Malicious TCP Network Flows Based on Benford’s Law - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #1899

open

VJ CT

Detecting Malicious TCP Network Flows Based on Benford’s Law

Feature #1899: Detecting Malicious TCP Network Flows Based on Benford’s Law

Added by Victor Julien over 9 years ago. Updated over 2 years ago.

Status:

New

Priority:

Normal

Assignee:

Community Ticket

Target version:

TBD

Effort:

Difficulty:

Label:

Description

This is an interesting paper:

“Flow Size Difference” Can Make a Difference: Detecting Malicious TCP Network Flows Based on Benford’s Law

http://arxiv.org/pdf/1609.04214v1.pdf

History
Notes
Property changes

AH Updated by Andreas Herz almost 9 years ago Actions
Copy link
#1

Assignee set to OISF Dev

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
#2

Assignee changed from OISF Dev to Community Ticket

PA Updated by Philippe Antoine over 2 years ago Actions
Copy link
#3

What is missing in Suricata to have this as post process ?

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #1899

Detecting Malicious TCP Network Flows Based on Benford’s Law

AH Updated by Andreas Herz almost 9 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine over 2 years ago Actions
Copy link
#3

Project

General

Profile

Suricata

Custom queries

Feature #1899

Detecting Malicious TCP Network Flows Based on Benford’s Law

AH Updated by Andreas Herz almost 9 years ago ActionsCopy link #1

VJ Updated by Victor Julien over 6 years ago ActionsCopy link #2

PA Updated by Philippe Antoine over 2 years ago ActionsCopy link #3

AH Updated by Andreas Herz almost 9 years ago Actions
Copy link
#1

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine over 2 years ago Actions
Copy link
#3