Characterizing Anomalies in Malware-Generated HTTP Traffic
Table 3
The relation between the research source and the analyzed HTTP request feature groups.
Feature group
Research sources
HTTP request structure
Montero [14], Cuckoo, Calzarossa et al. [13], Rossow et al. [11], Nelson [12], Li et al. [21]
Header field values
Montero [14], Lewis [17], Mizuno et al. [18], Calzarossa et al. [13], Li et al. [19], Kheir [20], Rossow et al. [11], Nelson [12], Li et al. [21], Perdisci et al. [22]