Research Article
Using XGBoost to Discover Infected Hosts Based on HTTP Traffic
Table 2
HTTP header field information and template comparison.
| | HTTP header field information | Generated templates |
| | Accept: Text json | Accept: Text ∗ | | Accept-Encoding: Gzip deflate | Accept-Encoding: Gzip ∗ | | Connection: Keep-Alive | Connection: ∗ | | User-Agent: Mozilla 4.0 (compatible; MSIE 6.0; Windows NT 5.1) | User-Agent: Mozilla ∗ (compatible; MSIE ∗ Windows NT ∗ |
|
|
