A Closer Look at the HTTP and P2P Based Botnets from a Detector’s Perspective

Authors: Fariba Haddadi, A. Nur Zincir-Heywood

DOI: 10.1007/978-3-319-30303-1_13

Keywords:

Abstract: Botnets are one of the main aggressive threats against cybersecurity. To evade detection systems, recent botnets use the most common communication protocols on the Internet to hide themselves in legitimate users' traffic. From this perspective, recent botnets are HTTP based and/or Peer-to-Peer (P2P) systems. In this work, we investigate whether such structural differences have any impact on the performance of botnet detection. To this end, we studied three machine learning techniques (Decision Tree, Genetic Programming and Bayesian Networks). The investigated approaches have previously been shown to be effective for botnets. We also analyze the detection models in detail to highlight behavioural differences between these two types of botnets. In our analysis, we employed four publicly available HTTP botnet data sets (namely Citadel, Zeus, Conficker and Virut) and four P2P botnet data sets (namely ISOT, NSIS, ZeroAccess and Kelihos).
