Research Article
Characterizing Anomalies in Malware-Generated HTTP Traffic
Table 8
Basic information about malicious pcap repositories.
| Feature | CERT.pl | MCFP | Sum |
| No. of pcaps in repository | 36,268 | 117 | 36,385 | No. of pcaps with HTTP network traffic | 26,042 | 91 | 26,133 | No. of pcaps with HTTP network traffic containing requests alerted by IDS | 22,630 | 67 | 22,697 | No. of reported IDS alerts | 2,133,682 | 425,441 | 2,559,123 | No. of reported IDS alerts assigned to requests | 405,116 | 238,805 | 643,921 | No. of unique alerted IDS rules | 578 | 139 | 642 |
|
|