Accurate Detection of Peer-to-Peer Botnet using Multi-Stream Fused Scheme

نویسندگان

  • Jian Kang
  • Yuan-Zhang Song
  • Jun-Yao Zhang
چکیده

Nowadays decentralized botnets pose a great threat to Internet. They evolve new features such as P2P Command and Control(C&C), which makes traditional detection methods no longer effective for indicating the existence of the bots. In this paper, based on several of the new P2P botnet characteristic properties, we propose a novel real-time detecting model – MSFM (Multi-Stream Fused Model). MSFM considers multiple types of packets’ unique characteristics and handle them with corresponding strategies. Extensive experiment results show that our model can accurately detect peer-to-peer botnet with relatively low false-positive and false-negative rates.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Mining Concept-Drifting Data Stream to Detect Peer to Peer Botnet Traffic

We propose a novel stream data classification technique to detect Peer to Peer botnet. Botnet traffic can be considered as stream data having two important properties: infinite length and drifting concept. Thus, stream data classification technique is more appealing to botnet detection than simple classification technique. However, no other botnet detection approaches so far have applied stream...

متن کامل

Peer to Peer Botnet Detection System

-In this upcoming highly engaged traffic calls in the Peer to Peer (P2P) botnets the high scalability of detection systems is going down. Where the botmasters adopt modern system to detect traffic which ends in the malicious activities and poor scalability. So in this paper, we proposed a highly scalable botnet detection system for a stealthy peer to peer botnets. In this p2p detection it will ...

متن کامل

A Survey of Botnet Detection Techniques by Command and Control Infrastructure

Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This survey reviewed the history of botnets and botnet detection techniques. The survey showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting p...

متن کامل

A Survey on Botnet Architectures, Detection and Defences

Botnets are known to be one of the most serious Internet security threats. In this survey, we review botnet architectures and their controlling mechanisms. Botnet infection behavior is explained. Then, known botnet models are outlined to study botnet design. Furthermore, Fast-Flux Service Networks (FFSN) are discussed in great details as they play an important role in facilitating botnet traffi...

متن کامل

Real-time Peer-to-Peer Botnet Detection Framework based on Bayesian Regularized Neural Network

Over the past decade, the Cyberspace has seen an increasing number of attacks coming from botnets using the Peer-to-Peer (P2P) architecture. Peer-to-Peer botnets use a decentralized Command & Control architecture. Moreover, a large number of such botnets already exist, and newer versionswhich significantly differ from their parent botare also discovered practically every year. In this work, the...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • JNW

دوره 6  شماره 

صفحات  -

تاریخ انتشار 2011