Research Article
CCgen: Injecting Covert Channels into Network Traffic
Table 2
Suricata rulesets used for the evaluation.
| | name | Summary | Vendor |
| | et/open | Emerging threats open ruleset | Proofpoint | | et/pro | Emerging threats pro ruleset | Proofpoint | | Oisf/trafficid | Suricata traffic ID ruleset | OISF | | Ptresearch/attackdetection | Positive technologies attack detection team ruleset | Positive technologies | | Scwx/enhanced | Secureworks suricata-enhanced ruleset | Secureworks | | Scwx/malware | Secureworks suricata-malware ruleset | Secureworks | | Scwx/security | Secureworks suricata-security ruleset | Secureworks | | Sslbl/ssl-fp-blacklist | Abuse.ch SSL blacklist | Abuse.ch | | Sslbl/ja3-fingerprints | Abuse.ch suricata JA3 fingerprint ruleset | Abuse.ch | | Etnetera/aggressive | Etnetera aggressive IP blacklist | Etnetera a.s. | | tgreen/hunting | Threat hunting rules | tgreen | | Malsilo/win-malware | Commodity malware rules | Malsilo |
|
|
