Analysis of Covert C2 Channels via HTTP/HTTPS: Traffic Encryption Patterns, Anomaly Detection, and Defense Strategies

Malicious code typically relies on C2 (Command and Control) channels to communicate with attackers, receiving instructions and leaking data. Analyzing the traffic characteristics of C2 channels aids in the detection and defense against malicious code. C2 Channel Traffic Characteristics. 1. Communication Patterns: • Periodic Heartbeats: Malicious code may periodically send heartbeat packets to the C2 server …

Smart Home Privacy Exposed? CUHK and Others Use LSTM to Tackle IoT Security Settings

Original by Machine Heart. Author: Lu Xinfeng. Editor: Joni. In August of this year, Professor Zhang Kehua’s research group at the Chinese University of Hong Kong published a paper on arXiv, showcasing their research on the privacy of smart homes. The authors attempted to use an LSTM model to predict active devices in smart homes. …

Common Application Layer Protocols: Analyzing HTTP from a Traffic Perspective (Part 3)

Introduction. In the previous article, “Common Application Layer Protocols: Analyzing HTTP from a Traffic Perspective (Part 2),” we introduced the concept, principles, development history, traffic decoding, and simple analysis methods of the HTTP protocol from a traffic analysis perspective. We also discussed two important metrics: request methods and status codes. Today, we bring you the …