A comparison of stream mining algorithms on botnet detection

Authors: Guilherme Henrique Ribeiro, Elaine R. de Faria Paiva, Rodrigo Sanches Miani

DOI: 10.1145/3407023.3407053

Keywords: Flow network, Algorithm, Attack surface, Botnet, Evaluation strategy, Communications protocol, Data stream mining, Computer science, Cryptocurrency, Intrusion detection system

Abstract: Recent botnet activities targeting IoT infrastructure and turning computing devices into cryptocurrency miners indicate an increase in the attack surface capabilities. These facts emphasize the importance of investigating alternative methods for detecting botnets. One of them is using stream mining algorithms to classify malicious network traffic. Although some initiatives seek to adopt such strategies to detect botnets, several research topics still need to be discussed. Our goal is to compare the use of single and ensemble-based stream mining algorithms to identify botnet flows. Since obtaining labeled examples of flows could be a hassle for security managers, we also investigate whether ensembles reduce the number of labeled instances required to update the classification model. The results show that the Ozaboost algorithm with the prequential evaluation strategy outperforms the other selected algorithms. We also found that using botnet characteristics (C&C communication protocol) requires fewer labeled instances while maintaining high performance.
