Research Article
HTTP-Based APT Malware Infection Detection Using URL Correlation Analysis
Table 1
Feature set for normal uncorrelated request filter.
| Feature | Description |
| URL length | Number of characters of the URL | URL entropy | The information entropy of the URL | Number of URL parameters | Number of parameters of the URL | TLD | The top-level domain of the URL | Domain entropy | The information entropy of the domain | Content type | Content type of the HTTP request | Cookie | Does the HTTP request contain cookies? | User agent | User agent of the HTTP request |
|
|