Challenges in Experimenting with Botnet Detection Systems
نویسندگان
چکیده
In this paper, we examine the challenges faced when evaluating botnet detection systems. Many of these challenges stem from difficulties in obtaining and sharing diverse sets of real network traces, as well as determining a botnet ground truth in such traces. On the one hand, there are good reasons why network traces should not be shared freely, such as privacy concerns, but on the other hand, the resulting data scarcity complicates quantitative comparisons to other work and conducting independently repeatable experiments. These challenges are similar to those faced by researchers studying large-scale distributed systems only a few years ago, and researchers were able to overcome many of the challenges by collaborating to create a global testbed, namely PlanetLab. We speculate that a similar system for botnet detection research could help overcome the challenges in this domain, and we briefly discuss the associated research directions.
منابع مشابه
BotOnus: an online unsupervised method for Botnet detection
Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...
متن کاملBotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle
Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoSattacks and sending spam emails. Different approaches are presented to detectbotnets; however most of them may be ineffective when there are only a fewinfected hosts in monitored network, as they rely on similarity in...
متن کاملPerformance of Botnet Detection by Neural Networks in Software-Defined Networks
The recent evolution of Internet to new paradigms such as network function virtualization and software defined networking poses new relevant challenges to the detection of Botnet attacks, calling for innovative approaches. In this work we propose a detection mechanism based on an Artificial Neural Net classifier trained by available data sets collected in conventional networks. We apply such de...
متن کاملA Collaborative Security: A Survey and Taxonomy
Security is oftentimes centrally managed. An alternative trend of using collaboration in order to improve security has gained momentum over the past few years. Collaborative security is an abstract concept that applies to a wide variety of systems, and has been used to solve security issues inherent in distributed environments. Thus far, collaboration has been used in many domains such as intru...
متن کاملA Survey on Botnet Command and Control Traffic Detection
Internet users have been attacked by widespread email viruses earlier, but now scenario has been changed. Now attackers are no more interested to just attract media attention by infecting a large number of computers on the network; in fact, their interest has been shifted to compromising and controlling the infected computers for their personal profits. This new attack trend brings the concept ...
متن کامل