Hfinger: Malware HTTP Request Fingerprinting

Malicious software utilizes HTTP protocol for communication purposes, creating network traffic that is hard to identify as it blends into the traffic generated by benign applications. To this aim, fingerprinting tools have been developed to help track and identify such traffic by providing a short representation of malicious HTTP requests. However, currently existing tools do not analyze all information included in the HTTP message or analyze it insufficiently. To address these issues, we propose Hfinger, a novel malware HTTP request fingerprinting tool. It extracts information from the parts of the request such as URI, protocol information, headers, and payload, providing a concise request representation that preserves the extracted information in a form interpretable by a human analyst. For the developed solution, we have performed an extensive experimental evaluation using real-world data sets and we also compared Hfinger with the most related and popular existing tools such as FATT, Mercury, and p0f. The conducted effectiveness analysis reveals that on average only 1.85% of requests fingerprinted by Hfinger collide between malware families, what is 8–34 times lower than existing tools. Moreover, unlike these tools, in default mode, Hfinger does not introduce collisions between malware and benign applications and achieves it by increasing the number of fingerprints by at most 3 times. As a result, Hfinger can effectively track and hunt malware by providing more unique fingerprints than other standard tools.

Download Full-text

A comparative-effectiveness analysis applying a 3 way propensity matching to real-world data from MSBase Registry in preparation for a cost effectiveness model: Patients switching within firstline agents or to Natalizumab or Fingolimod in active RRMS

10.26226/morressier.59a3eda9d462b8028d8957ad ◽

2017 ◽

Author(s):

Tim Spelman

Keyword(s):

Cost Effectiveness ◽

Real World ◽

Comparative Effectiveness ◽

Real World Data ◽

World Data ◽

Effectiveness Analysis ◽

Effectiveness Model ◽

Propensity Matching ◽

Comparative Effectiveness Analysis

Download Full-text

Boosting Instance Segmentation with Synthetic Data: A study to overcome the limits of real world data sets

10.1109/iccvw54120.2021.00110 ◽

2021 ◽

Author(s):

Florentin Poucin ◽

Andrea Kraus ◽

Martin Simon

Keyword(s):

Real World ◽

Synthetic Data ◽

Data Sets ◽

Real World Data ◽

World Data ◽

Instance Segmentation

Download Full-text

Real-World Data for the Evaluation of Transarterial Radioembolization versus Sorafenib in Hepatocellular Carcinoma: A Cost-Effectiveness Analysis

Value in Health ◽

10.1016/j.jval.2016.09.2397 ◽

2017 ◽

Vol 20 (3) ◽

pp. 336-344 ◽

Cited By ~ 13

Author(s):

Carla Rognoni ◽

Oriana Ciani ◽

Silvia Sommariva ◽

Rosanna Tarricone

Keyword(s):

Hepatocellular Carcinoma ◽

Cost Effectiveness ◽

Real World ◽

Cost Effectiveness Analysis ◽

Real World Data ◽

World Data ◽

Transarterial Radioembolization ◽

Effectiveness Analysis

Download Full-text

Comparison of M2M Traffic Models Against Real World Data Sets

2018 IEEE 23rd International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD) ◽

10.1109/camad.2018.8515000 ◽

2018 ◽

Cited By ~ 1

Author(s):

Marco Sansoni ◽

Giuseppe Ravagnani ◽

Daniel Zucchetto ◽

Chiara Pielli ◽

Andrea Zanella ◽

...

Keyword(s):

Real World ◽

Data Sets ◽

Real World Data ◽

Traffic Models ◽

World Data

Download Full-text

Activities for Students: As the Ball Rolls: A Quadratic Investigation Using Multiple Representations

Mathematics Teacher ◽

10.5951/mt.103.1.0062 ◽

2009 ◽

Vol 103 (1) ◽

pp. 62-68

Author(s):

Kathleen Cage Mittag ◽

Sharon Taylor

Keyword(s):

Data Collection ◽

Real Time ◽

Physical Model ◽

Real World ◽

Graphing Calculator ◽

Data Sets ◽

Real World Data ◽

World Data ◽

Hands On ◽

Modeling Data

Using activities to create and collect data is not a new idea. Teachers have been incorporating real-world data into their classes since at least the advent of the graphing calculator. Plenty of data collection activities and data sets exist, and the graphing calculator has made modeling data much easier. However, the authors were in search of a better physical model for a quadratic. We wanted students to see an actual parabola take shape in real time and then explore its characteristics, but we could not find such a hands-on model.

Download Full-text

Comparing ICP variants on real-world data sets

Autonomous Robots ◽

10.1007/s10514-013-9327-2 ◽

2013 ◽

Vol 34 (3) ◽

pp. 133-148 ◽

Cited By ~ 318

Author(s):

François Pomerleau ◽

Francis Colas ◽

Roland Siegwart ◽

Stéphane Magnenat

Keyword(s):

Real World ◽

Data Sets ◽

Real World Data ◽

World Data

Download Full-text

Computing top-k temporal closeness in temporal networks

Knowledge and Information Systems ◽

10.1007/s10115-021-01639-4 ◽

2022 ◽

Author(s):

Lutz Oettershagen ◽

Petra Mutzel

Keyword(s):

Real World ◽

High Probability ◽

Transitive Closure ◽

Closeness Centrality ◽

Data Sets ◽

Temporal Networks ◽

Real World Data ◽

World Data ◽

Temporal Domain ◽

Vertex Sets

AbstractThe closeness centrality of a vertex in a classical static graph is the reciprocal of the sum of the distances to all other vertices. However, networks are often dynamic and change over time. Temporal distances take these dynamics into account. In this work, we consider the harmonic temporal closeness with respect to the shortest duration distance. We introduce an efficient algorithm for computing the exact top-k temporal closeness values and the corresponding vertices. The algorithm can be generalized to the task of computing all closeness values. Furthermore, we derive heuristic modifications that perform well on real-world data sets and drastically reduce the running times. For the case that edge traversal takes an equal amount of time for all edges, we lift two approximation algorithms to the temporal domain. The algorithms approximate the transitive closure of a temporal graph (which is an essential ingredient for the top-k algorithm) and the temporal closeness for all vertices, respectively, with high probability. We experimentally evaluate all our new approaches on real-world data sets and show that they lead to drastically reduced running times while keeping high quality in many cases. Moreover, we demonstrate that the top-k temporal and static closeness vertex sets differ quite largely in the considered temporal networks.

Download Full-text

Verification of statistical oncological endpoints on encrypted data: Confirming the feasibility of real-world data sharing without the need to reveal protected patient information.

Journal of Clinical Oncology ◽

10.1200/jco.2021.39.15_suppl.e18725 ◽

2021 ◽

Vol 39 (15_suppl) ◽

pp. e18725-e18725

Author(s):

Ravit Geva ◽

Barliz Waissengrin ◽

Dan Mirelman ◽

Felix Bokstein ◽

Deborah T. Blumenthal ◽

...

Keyword(s):

Data Sharing ◽

Real World ◽

Clinical Decision Making ◽

Homomorphic Encryption ◽

Data Sets ◽

Real World Data ◽

Data Set ◽

Raw Data ◽

Encrypted Data ◽

World Data

e18725 Background: Healthcare data sharing is important for the creation of diverse and large data sets, supporting clinical decision making, and accelerating efficient research to improve patient outcomes. This is especially vital in the case of real world data analysis. However, stakeholders are reluctant to share their data without ensuring patients’ privacy, proper protection of their data sets and the ways they are being used. Homomorphic encryption is a cryptographic capability that can address these issues by enabling computation on encrypted data without ever decrypting it, so the analytics results are obtained without revealing the raw data. The aim of this study is to prove the accuracy of analytics results and the practical efficiency of the technology. Methods: A real-world data set of colorectal cancer patients’ survival data, following two different treatment interventions, including 623 patients and 24 variables, amounting to 14,952 items of data, was encrypted using leveled homomorphic encryption implemented in the PALISADE software library. Statistical analysis of key oncological endpoints was blindly performed on both the raw data and the homomorphically-encrypted data using descriptive statistics and survival analysis with Kaplan-Meier curves. Results were then compared with an accuracy goal of two decimals. Results: The difference between the raw data and the homomorphically encrypted data results, regarding all variables analyzed was within the pre-determined accuracy range goal, as well as the practical efficiency of the encrypted computation measured by run time, are presented in table. Conclusions: This study demonstrates that data encrypted with Homomorphic Encryption can be statistical analyzed with a precision of at least two decimal places, allowing safe clinical conclusions drawing while preserving patients’ privacy and protecting data owners’ data assets. Homomorphic encryption allows performing efficient computation on encrypted data non-interactively and without requiring decryption during computation time. Utilizing the technology will empower large-scale cross-institution and cross- stakeholder collaboration, allowing safe international collaborations. Clinical trial information: 0048-19-TLV. [Table: see text]

Download Full-text