Performance Evaluation of DCA and SRC on a Single Bot Detection

Authors

  • Yousof Al-Hammadi
  • Uwe Aickelin
  • Julie Greensmith
Abstract

Malicious users try to compromise systems using new techniques. One of the recent techniques used by the attacker is to perform complex distributed attacks such as denial of service and to obtain sensitive data such as password information. These compromised machines are said to be infected with malicious software termed a “bot”. In this paper, we investigate the correlation of behavioural attributes such as keylogging and packet flooding behaviour to detect the existence of a single bot on a compromised machine by applying (1) Spearman’s rank correlation (SRC) algorithm and (2) the Dendritic Cell Algorithm (DCA). We also compare the output results generated from these two methods to the detection of a single bot. The results show that the DCA has a better performance in detecting malicious activities.

Similar resources

Performance evaluation of block-based copy-move image forgery detection algorithms

Copy-move forgery is a particular type of distortion where a part or portions of one image is/are copied to other parts of the same image. This type of manipulation is done to hide a particular part of the image or to copy one or more objects into the same image. There are several methods for detecting copy-move forgery, including block-based and key point-based methods. In this paper, a method...

Detecting Bot Networks Based On HTTP And TLS Traffic Analysis

Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...

User Traffic Profile for Traffic Reduction and Effective Bot C&C Detection

Bots are malicious software components used for generating spams, launching denial of service attacks, phishing, identity theft and information exfiltration and such other illegal activities. Bot detection is an area of active research in recent times. Here we propose a bot detection mechanism for a single host. A user traffic profile is used to filter out normal traffic generated by the host. ...

BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle

Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however most of them may be ineffective when there are only a few infected hosts in monitored network, as they rely on similarity in...

Online multiple people tracking-by-detection in crowded scenes

Multiple people detection and tracking is a challenging task in real-world crowded scenes. In this paper, we have presented an online multiple people tracking-by-detection approach with a single camera. We have detected objects with deformable part models and a visual background extractor. In the tracking phase we have used a combination of support vector machine (SVM) person-specific classifie...

Journal title:
  • CoRR

Volume abs/1004.3919  Issue 

Pages  -

Publication date 2009