Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection
Authors
Abstract
Similar resources
A fuzzy pattern-based filtering algorithm for botnet detection
Please cite this article in press as: K. Wang et doi:10.1016/j.comnet.2011.05.026 Botnet has become a popular technique for deploying Internet crimes. Although signature-based bot detection techniques are accurate, they could be useless when bot variants are encountered. Therefore, behavior-based detection techniques become attractive due to their ability to detect bot variants and even unknown ...
An Algorithm for Anomaly-based Botnet Detection
We present an anomaly-based algorithm for detecting IRC-based botnet meshes. The algorithm combines an IRC mesh detection component with a TCP scan detection heuristic called the TCP work weight. The IRC component produces two tuples, one for determining the IRC mesh based on IP channel names, and a sub-tuple which collects statistics (including the TCP work weight) on individual IRC hosts in c...
Peer-to-Peer Botnet Detection Using NetFlow Master Thesis
Traditional botnets use a centralized communications architecture where all the bots connect to Command and Control (C&C) servers. These servers are the weak point of the botnet, as they are easy targets for take down and monitoring. Peer-to-peer (p2p) botnets have a distributed architecture, which makes them more resilient. This research aims at the detection of individual p2p bo...
Towards Efficient and Privacy-Preserving Network-Based Botnet Detection Using Netflow Data
Botnets pose a severe threat to the security of Internet-connected hosts and the availability of the Internet's infrastructure. In recent years, botnets have attracted many researchers. As a result, many achievements in studying different botnets' anatomies have been made and approaches to botnet detection have been developed. However, most of these approaches target at botnet detection using r...
Mining NetFlow Records for Critical Network Activities
Current monitoring of IP flow records is challenged by the required analysis of large volume of flow records. Finding essential information is equivalent to searching for a needle in a haystack. This analysis can reach from simple counting of basic flow level statistics to complex data mining techniques. Some key target objectives are for instance the identification of malicious traffic as well...
Journal
Journal title: Security and Communication Networks
Year: 2017
ISSN: 1939-0114,1939-0122
DOI: 10.1155/2017/6047053