BOT ONUS: AN ONLINE UNSUPERVISED METHOD FOR BOTNET DETECTION

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

YAHYAZADEH MOSA; ABADI MAHDI

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY Year:2012 | Volume:4 | Issue:1 Page(s): 51-62

Download Full-Text

Persian Verion

View:

702

Download:

130

Cites:

Information Journal Paper

Title

BOT ONUS: AN ONLINE UNSUPERVISED METHOD FOR BOTNET DETECTION

Author(s)

YAHYAZADEH MOSA | ABADI MAHDI | Issue Writer Certificate

Keywords

BOTNET DETECTIONQ2

BOTNET LIFECYCLEQ2

COMMAND AND CONTROL CHANNELQ2

ONLINE CLUSTERINGQ2

Abstract

Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing BOTNET DETECTION methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage of their lifecycle; moreover, they depend on a particular command and control (C&C) protocol. In this paper, we address these issues and propose an online unsupervised method, called BotOnus, for BOTNET DETECTION that does not require a priori knowledge of botnets. It extracts a set of flow feature vectors from the network traffic at the end of each time period, and then groups them to some flow clusters by a novel online fixed-width clustering algorithm. Flow clusters that have at least two members, and their intra-cluster similarity is above a similarity threshold, are identified as suspicious botnet clusters, and all hosts in such clusters are identi ed as bot infected. We demonstrate the effectiveness of BotOnus to detect various botnets including HTTP-, IRC-, and P2P-based botnets using a testbed network. The results of experiments show that it can successfully detect various botnets with an average detection rate of 94: 33% and an average false alarm rate of 3: 74%.

Cites

No record.

References

No record.

Cite

APA: Copy

YAHYAZADEH, MOSA, & ABADI, MAHDI. (2012). BOT ONUS: AN ONLINE UNSUPERVISED METHOD FOR BOTNET DETECTION. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 4(1), 51-62. SID. https://sid.ir/paper/241818/en

Vancouver: Copy

YAHYAZADEH MOSA, ABADI MAHDI. BOT ONUS: AN ONLINE UNSUPERVISED METHOD FOR BOTNET DETECTION. THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY[Internet]. 2012;4(1):51-62. Available from: https://sid.ir/paper/241818/en

IEEE: Copy

MOSA YAHYAZADEH, and MAHDI ABADI, “BOT ONUS: AN ONLINE UNSUPERVISED METHOD FOR BOTNET DETECTION,” THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY, vol. 4, no. 1, pp. 51–62, 2012, [Online]. Available: https://sid.ir/paper/241818/en

Related Journal Papers