A Detection Method for Botnet Based on Behavior Features

Abstract:

Botnet detection has become an important problem in network security. Existing detection methods based on network traffic and host behaviour cannot handle emerging botnets. In this paper we present an optimized method that analyzes the similarity and periodicity of botnet behaviour, and it yields effective results. The method uses an IDS-like architecture with six dedicated components, each detecting one of six important abnormal botnet behaviours, and builds correlation rules that combine their outputs into a match score. The experiments described in the paper show that the method not only detects already known botnets precisely but also detects unknown botnets to some extent, and that it has advantages over other methods. Finally, the paper proposes future directions and the points that need improvement.
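The abstract describes the architecture only in outline: separate components each flag one abnormal behaviour, and correlation rules turn the flags into a per-host match score. The following added example (written for this page, not the paper's code) sketches that structure with two of the behaviours the abstract names, periodicity of contacts and similarity of activity across hosts, and a weighted correlation rule. The flow records, the two detectors, the weights and the threshold are all assumptions for illustration; the paper does not publish its six components or its rule set.

```python
"""Illustration of correlating per-behaviour detector outputs into a match score.
Added example with assumed detectors, weights and threshold; not the paper's code."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (timestamp_seconds, source_host, destination).
# h1 and h2 contact the same destination every 60 s (group + periodic),
# h3 browses irregularly, h4 polls a destination of its own every 30 s (periodic only).
SAMPLE_FLOWS = [
    (0, "h1", "198.51.100.7"), (60, "h1", "198.51.100.7"), (120, "h1", "198.51.100.7"),
    (180, "h1", "198.51.100.7"), (240, "h1", "198.51.100.7"),
    (5, "h2", "198.51.100.7"), (65, "h2", "198.51.100.7"), (125, "h2", "198.51.100.7"),
    (185, "h2", "198.51.100.7"), (245, "h2", "198.51.100.7"),
    (3, "h3", "203.0.113.9"), (47, "h3", "203.0.113.20"), (190, "h3", "203.0.113.9"),
    (201, "h3", "203.0.113.31"), (260, "h3", "203.0.113.9"),
    (0, "h4", "192.0.2.44"), (30, "h4", "192.0.2.44"), (60, "h4", "192.0.2.44"),
    (90, "h4", "192.0.2.44"),
]

# Assumed correlation-rule weights and match threshold (not from the paper).
WEIGHTS = {"periodic": 0.6, "group": 0.4}
MATCH_THRESHOLD = 0.8


def group_intervals(flows, min_gaps=3):
    """Map (host, dst) -> inter-arrival times, for pairs with enough observations."""
    times = defaultdict(list)
    for ts, host, dst in flows:
        times[(host, dst)].append(ts)
    intervals = {}
    for key, ts_list in times.items():
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        if len(gaps) >= min_gaps:
            intervals[key] = gaps
    return intervals


def periodicity_component(flows, max_cv=0.1):
    """Flag hosts whose contacts to one destination recur at near-constant intervals.
    Uses the coefficient of variation of the gaps; returns host -> (dst, mean gap)."""
    flagged = {}
    for (host, dst), gaps in group_intervals(flows).items():
        avg = mean(gaps)
        if avg <= 0:  # identical timestamps; nothing periodic to measure
            continue
        if pstdev(gaps) / avg <= max_cv:
            flagged[host] = (dst, round(avg, 1))
    return flagged


def group_component(flows, min_hosts=2):
    """Flag hosts that share a destination with other hosts (group-activity similarity)."""
    hosts_by_dst = defaultdict(set)
    for _, host, dst in flows:
        hosts_by_dst[dst].add(host)
    flagged = {}
    for dst, hosts in hosts_by_dst.items():
        if len(hosts) >= min_hosts:
            for host in hosts:
                flagged[host] = dst
    return flagged


def correlate(flows):
    """Correlation rule: per host, sum the weights of the components that fired."""
    periodic = periodicity_component(flows)
    group = group_component(flows)
    scores = {}
    for _, host, _ in flows:
        score = 0.0
        if host in periodic:
            score += WEIGHTS["periodic"]
        if host in group:
            score += WEIGHTS["group"]
        scores[host] = round(score, 2)
    return scores


def suspected_bots(flows):
    """Hosts whose match score reaches the threshold, sorted by name."""
    return sorted(h for h, s in correlate(flows).items() if s >= MATCH_THRESHOLD)


if __name__ == "__main__":
    print(correlate(SAMPLE_FLOWS))
    print("suspected:", suspected_bots(SAMPLE_FLOWS))
```

With these assumed weights a single behaviour is not enough to reach the threshold: h4 is periodic but alone, so it scores 0.6 and is not reported, which is the practical reason for correlating several components rather than alerting on one. Tuning the weights, the coefficient-of-variation bound and the threshold against labelled traffic is where a real deployment would spend its effort.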

Info:

Periodical:

Advanced Materials Research (Volumes 765-767)

Pages:

1512-1517

Online since:

September 2013

Copyright:

© 2013 Trans Tech Publications Ltd. All Rights Reserved
