Unsupervised detection of botnet activities using frequent pattern tree mining
نویسندگان
چکیده
Abstract A botnet is a network of remotely-controlled infected computers that can send spam, spread viruses, or stage denial-of-service attacks, without the consent computer owners. Since beginning 21st century, activities have steadily increased, becoming one major concerns for Internet security. In fact, are more and difficult to be detected, because they make use Peer-to-Peer protocols (eMule, Torrent, Frostwire, Vuze, Skype many others). To improve detectability activities, this paper introduces idea association analysis in field data mining, proposes system detect botnets based on FP-growth (Frequent Pattern Tree) frequent item mining algorithm. The detection composed three parts: packet collection processing, rule statistical rules. Its characteristic feature rule-based classification different behaviors fast unsupervised fashion. effectiveness approach validated scenario with 11 host PCs, 42063 Non-Peer-to-Peer 17 PCs (Storm, Waledac Zeus). recognition accuracy proposed architecture shown above 94%. method results reported literature.
منابع مشابه
Http Botnet Detection Using Frequent Patternset Mining
Among the diverse forms of malware, Botnet is the most widespread and serious threat which occurs commonly in today's cyberattacks. A botnet is a group of compromised computers which are remotely controlled by hackers to launch various network attacks, such as DDoS attack, spam, click fraud, identity theft and information phishing. The defining characteristic of botnets is the use of command an...
متن کاملFrequent Pattern Mining using CATSIM Tree
Efficient algorithms to discover frequent patterns are essential in data mining research. Frequent pattern mining is emerging as powerful tool for many business applications such as e-commerce, recommender systems and supply chain management and group decision support systems to name a few. Several effective data structures, such as two-dimensional arrays, graphs, trees and tries have been prop...
متن کاملVisual Object Detection using Frequent Pattern Mining
Object search in a visual scene is a highly challenging and computationally intensive task. Most of the current object detection techniques extract features from images for classification. From the results of these techniques it can be observed that the feature extraction approach works well for single images but are not sufficient for generalizing over a variety of object instances of the same...
متن کاملA Combintorial Tree based Frequent Pattern Mining
Frequent pattern mining is a process of extracting frequently occurring itemset patterns from very large data storages. These frequent patterns are used to generate association rules which define the relationship among items. The strength of the relationship can be measured using two different units namely support value and confidence level. Any relationship that satisfies minimum threshold of ...
متن کاملEfficient single-pass frequent pattern mining using a prefix-tree
The FP-growth algorithm using the FP-tree has been widely studied for frequent pattern mining because it can dramatically improve performance compared to the candidate generation-and-test paradigm of Apriori. However, it still requires two database scans, which are not consistent with efficient data stream processing. In this paper, we present a novel tree structure, called CP-tree (compact pat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Complex & Intelligent Systems
سال: 2021
ISSN: ['2198-6053', '2199-4536']
DOI: https://doi.org/10.1007/s40747-021-00281-5