The general purpose of this final project is to explore whether malicious traffic classification system’s accuracy will drop due to the use of new internet protocols.
Our assumption is that many dangerous malware programs already exist in many victims' machines which communicating through a C&C.
Due to our assumption, we focused our main effort on creating the traffic of the C&C based on the new protocols DoH and HTTP3.
In this project we were divided into three different teams which eventually each team’s work will be combined in order to build the whole system.
Our team’s main goal was initially to build the infrastructure of the project. During our work, our main effort was shifted towards creating a malware and supply DNS & HTTP malware packets using Cobalt Strike system