@TechReport{Franc-TR-2014-18,
  IS = { zkontrolovano 02 Jan 2015 },
  UPDATE  = { 2014-12-19 },
  author =	 {Franc, Vojt{\v e}ch and Barto{\v s}, Karel and Sofka, Michal
                  and Somol, Petr and Matas, Ji{\v r}{\'i}},
  affiliation = {13133-NULL-NULL-NULL-13133},
  title =	 {Learning detector of malicious network communication from
                  data},
  institution =	 {Center for Machine Perception, K13133 FEE Czech Technical
                  University},
  address =	 {Prague, Czech Republic},
  year =	 {2014},
  month =	 {November},
  type =	 {Research Report},
  number =	 {CTU--CMP--2014--18},
  issn =	 {1213-2365},
  pages =	 {10},
  figures =	 {6},
  authorship =	 {50-15-15-10-10},
  project =	 {8301351C001},
  annote =	 {
  This report summarizes our effort which was dedicated to the problem of
  learning detectors of a malicious network communication from data. We
  concentrated on two problems. First, improving the currently used manually
  created layer-two (L2) detector by using the Support Vector Machine detector
  learned from examples. We showed that L2-detectors learned automatically from
  examples have slightly yet consistently better accuracy than the manually
  created one.  Second, we concentrated on designing tools helping to discover
  new instances of malicious communication in a large pool of unannotated
  data. We developed a method producing a ranked list of unannotated examples
  highly suspected from being malicious. The method helped to identify new
  instances of malicious communication in records of real network traffic.},
  keywords =	 {computer security, malware detection, support vector
                  machines},
  comment =	 {Confidential. },
}