HyperVision
Flow Interaction Graph based attack traffic detection system.
A demo of the flow interaction graph based attack traffic detection system, i.e., HyperVision:
Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow Interaction Graph Analysis
In the $30^{th}$ Network and Distributed System Security Symposium (NDSS'23).
Chuanpu Fu, Qi Li, and Ke Xu.
The new CDN for the dataset has been successfully established. Please feel free to explore and utilize it! 🍺
0x00 Hardware
- AWS EC2 c4.4xlarge, 100GB SSD, Canonical Ubuntu 22.04 LTS (amd64, 3/3/2023).
- Tencent Cloud CVM, with similar OS and hardware configurations.
0x01 Software
The demo can be built from a clean Ubuntu env.
```bash
# Establish env.
git clone https://github.com/fuchuanpu/HyperVision.git
cd HyperVision
sudo ./env/install_all.sh

# Download dataset, unpack it, then delete the archive
# ($_ expands to the last argument of the previous command).
wget https://www.hypervision.fuchuanpu.xyz/hypervision-dataset.tar.gz
tar -xzf hypervision-dataset.tar.gz
rm "$_"

# Build and run HyperVision.
./script/rebuild.sh
./script/expand.sh
cd build && ../script/run_all_brute.sh && cd ..

# Analyze the results.
cd ./result_analyze
./batch_analyzer.py -g brute
cat ./log/brute/*.log | grep AU_ROC
cd -
```
0x02 Reference
```bibtex
@inproceedings{NDSS23-HyperVision,
  author    = {Chuanpu Fu and
               others},
  title     = {Detecting Unknown Encrypted Malicious Traffic in Real Time via Flow
               Interaction Graph Analysis},
  booktitle = {NDSS},
  publisher = {ISOC},
  year      = {2023}
}
```
