Programmable Data Gathering for Detecting Stegomalware

Details

DOI: 10.1109/NetSoft48620.2020.9165537
Publication type: Conference paper
Conference: NetSoft 2020: IEEE International Conference on Network Softwarization
Location: Virtual
Online publication date: 2020-08-12

Abstract

The “arms race” against malware developers requires collecting a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfortunately, this process could be time-consuming, lack scalability and cause performance degradation within computing and network nodes. Moreover, since the detection of steganographic threats is poorly generalizable, being able to collect attack-independent indicators is of prime importance. To this aim, the paper proposes taking advantage of the extended Berkeley Packet Filter (eBPF) to gather data for detecting stegomalware. To prove the effectiveness of the approach, it also reports some preliminary experimental results obtained as the joint outcome of two H2020 projects, namely ASTRID and SIMARGL.

Authors

  • Alessandro Carrega
    National Inter-University Consortium for Telecommunications
    Italy
  • Luca Caviglione
    National Research Council of Italy
    Genoa, Italy
  • Matteo Repetto
    National Research Council of Italy
    Genoa, Italy
  • Marco Zuppelli
    National Research Council of Italy
    Genoa, Italy