@article{oai:ipsj.ixsq.nii.ac.jp:00098534,
 author = {Yusuke, Otsuki and Masatsugu, Ichino and Soichi, Kimura and Mitsuhiro, Hatada and Hiroshi, Yoshiura and Yusuke, Otsuki and Masatsugu, Ichino and Soichi, Kimura and Mitsuhiro, Hatada and Hiroshi, Yoshiura},
 issue = {2},
 journal = {情報処理学会論文誌},
 month = {Feb},
 note = {Analysis of malware-infected traffic data revealed the payload features that are the most effective for detecting infection. The traffic data was attack traffic using the D3M2012 dataset and CCC DATAsets 2009, 2010, and 2011. Traffic flowing on an intranet at two different sites was used as normal traffic data. Since the type of malware (worm, Internet connection confirmation, etc.) affects the type of traffic generated, the malware was divided into three types―worm, Trojan horse, and file-infected virus―and the most effective features were identified for each type.

------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.22(2014) No.2 (online)
DOI http://dx.doi.org/10.2197/ipsjjip.22.376
------------------------------, Analysis of malware-infected traffic data revealed the payload features that are the most effective for detecting infection. The traffic data was attack traffic using the D3M2012 dataset and CCC DATAsets 2009, 2010, and 2011. Traffic flowing on an intranet at two different sites was used as normal traffic data. Since the type of malware (worm, Internet connection confirmation, etc.) affects the type of traffic generated, the malware was divided into three types―worm, Trojan horse, and file-infected virus―and the most effective features were identified for each type.

------------------------------
This is a preprint of an article intended for publication Journal of
Information Processing(JIP). This preprint should not be cited. This
article should be cited as: Journal of Information Processing Vol.22(2014) No.2 (online)
DOI http://dx.doi.org/10.2197/ipsjjip.22.376
------------------------------},
 title = {Evaluating payload features for malware infection detection},
 volume = {55},
 year = {2014}
}