Detecting Malicious Traffic in HTTP Headers

“In the battle against malicious traffic and infected websites,
security researchers are always looking for new avenues of
detection. According to Trustwave Security Researcher Rodrigo
Montoro, one such approach could come from an analysis of HTTP
headers to detect potentially malicious traffic.

Speaking at the SecTOR security conference in Toronto, Montoro
detailed his approach toward scoring HTTP headers to help identify
infected websites. Montoro explained that a signature-based
approach can’t scale properly, which is why he set out to find a
new way forward.

Complete Story