Book Chapter
Detecting botnet traffic from a single host
Book title: Handbook of research on emerging developments in data privacy
García, Sebastián; Zunino Suarez, Alejandro Octavio; Campo, Marcelo Ricardo
Other contributors:
Gupta, Manish
Publication date:
2015
Publisher:
IGI Publishing
ISBN:
978-1-4666-7381-6
Language:
English
Abstract
The detection of bots and botnets in the network may be improved if the analysis is done on the traffic of one bot alone. While a botnet may be detected by correlating the behavior of several bots in a large amount of traffic, one bot alone can be detected by analyzing its unique trends in less traffic. The algorithms to differentiate the traffic of one bot from the normal traffic of one computer may take advantage of these differences. The authors propose to detect bots in the network by analyzing the relationships between flow features in a time window. The technique is based on the Expectation-Maximization clustering algorithm. To verify the method they designed test-beds and obtained a dataset of six different captures. The results are encouraging, showing a true positive error rate of 99.08% with a false positive error rate of 0.7%.
Keywords:
Malware, Botnets, Unsupervised Machine Learning, Computer Security
Collections
Book chapters (ISISTAN)
Book chapters of INSTITUTO SUPERIOR DE INGENIERIA DEL SOFTWARE
Citation
García, Sebastián; Zunino Suarez, Alejandro Octavio; Campo, Marcelo Ricardo; Detecting botnet traffic from a single host; IGI Publishing; 2015; 426-446