Research Article
HTTP-Based APT Malware Infection Detection Using URL Correlation Analysis
Table 1
Feature set for normal uncorrelated request filter.
| | Feature | Description |
| | URL length | Number of characters of the URL | | URL entropy | The information entropy of the URL | | Number of URL parameters | Number of parameters of the URL | | TLD | The top-level domain of the URL | | Domain entropy | The information entropy of the domain | | Content type | Content type of the HTTP request | | Cookie | Does the HTTP request contain cookies? | | User agent | User agent of the HTTP request |
|
|
