Automatically classifying unknown bots by the register messages

The ever-increasing number of malware/botnet samples demands efficient and scalable classification solutions for better detection and prevention. C&C-protocol-based classification has proved to be effective and accurate. However, it’s not trivial to acquire the detailed C&C protocol of new samples, which reduces the scalability of C&C-based classification. In this talk