An Effective Conversation-Based Botnet Detection Method. (9th April 2017)
- Record Type:
- Journal Article
- Title:
- An Effective Conversation-Based Botnet Detection Method. (9th April 2017)
- Main Title:
- An Effective Conversation-Based Botnet Detection Method
- Authors:
- Chen, Ruidong
Niu, Weina
Zhang, Xiaosong
Zhuo, Zhongliu
Lv, Fengmao - Other Names:
- Li Lixiang Academic Editor.
- Abstract:
- Abstract : A botnet is one of the most grievous threats to network security since it can evolve into many attacks, such as Denial-of-Service (DoS), spam, and phishing. However, current detection methods are inefficient to identify unknown botnet. The high-speed network environment makes botnet detection more difficult. To solve these problems, we improve the progress of packet processing technologies such as New Application Programming Interface (NAPI) and zero copy and propose an efficient quasi-real-time intrusion detection system. Our work detects botnet using supervised machine learning approach under the high-speed network environment. Our contributions are summarized as follows: (1) Build a detection framework using PF_RING for sniffing and processing network traces to extract flow features dynamically. (2) Use random forest model to extract promising conversation features. (3) Analyze the performance of different classification algorithms. The proposed method is demonstrated by well-known CTU13 dataset and nonmalicious applications. The experimental results show our conversation-based detection approach can identify botnet with higher accuracy and lower false positive rate than flow-based approach.
- Is Part Of:
- Mathematical problems in engineering. Volume 2017(2017)
- Journal:
- Mathematical problems in engineering
- Issue:
- Volume 2017(2017)
- Issue Display:
- Volume 2017, Issue 2017 (2017)
- Year:
- 2017
- Volume:
- 2017
- Issue:
- 2017
- Issue Sort Value:
- 2017-2017-2017-0000
- Page Start:
- Page End:
- Publication Date:
- 2017-04-09
- Subjects:
- Engineering mathematics -- Periodicals
510.2462 - Journal URLs:
- https://www.hindawi.com/journals/mpe/ ↗
http://www.gbhap-us.com/journals/238/238-top.htm ↗ - DOI:
- 10.1155/2017/4934082 ↗
- Languages:
- English
- ISSNs:
- 1024-123X
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 10302.xml