Botnet detection via mining of traffic flow characteristics. (February 2016)
- Record Type:
- Journal Article
- Title:
- Botnet detection via mining of traffic flow characteristics. (February 2016)
- Main Title:
- Botnet detection via mining of traffic flow characteristics
- Authors:
- Kirubavathi, G.
Anitha, R.
- Abstract:
- Highlights: A new traffic flow behavior analysis method has been proposed to detect botnets irrespective of their control structures. Benchmark datasets were collected from various sources, such as the ISOT Botnet dataset from University of Victoria, the Conficker dataset from CAIDA, a dataset from CVUT University, a dataset from Dalhousie University and a dataset from Centro University. It can successfully detect the various types of botnets with a high detection rate and a low false positive rate.
Abstract: A botnet is one of the most serious threats to cyber security as it provides a distributed platform for several illegal activities. Regardless of the availability of numerous methods proposed to detect botnets, it is still a challenging issue as botmasters are continuously improving bots to make them stealthier and evade detection. Most of the existing detection techniques cannot detect modern botnets in an early stage, or they are specific to command and control protocol and structures. In this paper, we propose a novel approach to detect botnets irrespective of their structures, based on network traffic flow behavior analysis and machine learning techniques. The experimental evaluation of the proposed method with real-world benchmark datasets shows the efficiency of the method. Also, the system is able to identify new botnets with high detection accuracy and a low false positive rate.
- Is Part Of:
- Computers & electrical engineering. Volume 50(2016)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 50(2016)
- Issue Display:
- Volume 50, Issue 2016 (2016)
- Year:
- 2016
- Volume:
- 50
- Issue:
- 2016
- Issue Sort Value:
- 2016-0050-2016-0000
- Page Start:
- 91
- Page End:
- 101
- Publication Date:
- 2016-02
- Subjects:
- Botnet detection -- Network flows -- Small packets -- Packet ratio -- Bot response packet ratio -- Novelty detection
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854
- Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.compeleceng.2016.01.012
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 7474.xml