Research Article
CCgen: Injecting Covert Channels into Network Traffic
Table 2
Suricata rulesets used for the evaluation.
| Name | Summary | Vendor |
| --- | --- | --- |
| et/open | Emerging Threats open ruleset | Proofpoint |
| et/pro | Emerging Threats pro ruleset | Proofpoint |
| oisf/trafficid | Suricata traffic ID ruleset | OISF |
| ptresearch/attackdetection | Positive Technologies attack detection team ruleset | Positive Technologies |
| scwx/enhanced | Secureworks suricata-enhanced ruleset | Secureworks |
| scwx/malware | Secureworks suricata-malware ruleset | Secureworks |
| scwx/security | Secureworks suricata-security ruleset | Secureworks |
| sslbl/ssl-fp-blacklist | Abuse.ch SSL blacklist | Abuse.ch |
| sslbl/ja3-fingerprints | Abuse.ch Suricata JA3 fingerprint ruleset | Abuse.ch |
| etnetera/aggressive | Etnetera aggressive IP blacklist | Etnetera a.s. |
| tgreen/hunting | Threat hunting rules | tgreen |
| malsilo/win-malware | Commodity malware rules | Malsilo |