Position paper: A systematic framework for categorising IoT device fingerprinting mechanisms
The popularity of Internet of Things (IoT) devices makes it increasingly important to be
able to fingerprint them, for example in order to detect if there are misbehaving or even …
Flexfringe: a passive automaton learning package
Finite state models, such as Mealy machines or state charts, are often used to express and
specify protocol and software behavior. Consequently, these models are often used in …
BotGM: Unsupervised graph mining to detect botnets in traffic flows
Botnets are one of the most dangerous and serious cybersecurity threats since they are a
major vector of large-scale attack campaigns such as phishing, distributed denial-of-service …
Cbam: A contextual model for network anomaly detection
Anomaly-based intrusion detection methods aim to combat the increasing rate of zero-day
attacks; however, their success is currently restricted to the detection of high-volume attacks …
Flexfringe: Modeling software behavior by learning probabilistic automata
We present the efficient implementations of probabilistic deterministic finite automaton
learning methods available in FlexFringe. These implement well-known strategies for state …
Beyond labeling: Using clustering to build network behavioral profiles of malware families
Malware family labels are known to be inconsistent. They are also black-box since they do
not represent the capabilities of malware. The current state of the art in malware capability …
A flow-based multi-agent data exfiltration detection architecture for ultra-low latency networks
Modern network infrastructures host converged applications that demand rapid elasticity of
services, increased security, and ultra-fast reaction times. The Tactile Internet promises to …
PDFA Distillation with Error Bound Guarantees
Active learning algorithms to infer probabilistic finite automata (PFA) have gained interest
recently, due to their ability to provide surrogate models for some types of neural networks …
Cluster analysis of malware family relationships
In this chapter, we use K-means clustering to analyze various relationships between
malware samples. We consider a dataset comprising 20 malware families with 1000 …
Intelligent malware defenses
With the rapidly evolving threat landscape surrounding malware, intelligent defenses based on
machine learning are paramount. In this chapter, we review the literature proposed in the …