BOTNET DETECTION WITH FLOW BEHAVIOR ANALYSIS APPROACH

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

PARSA S.; MORTAZI H.

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: JOURNAL OF ELECTRONIC AND CYBER DEFENCE Year:2018 | Volume:5 | Issue:4 (20) Page(s): 1-15

Download Full-Text

Persian Verion

View:

1,259

Download:

Cites:

Information Journal Paper

Title

BOTNET DETECTION WITH FLOW BEHAVIOR ANALYSIS APPROACH

Author(s)

PARSA S. | MORTAZI H. | Issue Writer Certificate

Keywords

BOTNETQ1

BOTQ1

PEER TO PEER BOTNETQ1

NETWORK FLOW ANALYSISQ1

MACHINE LEARNINGQ1

Abstract

"BOTNET" is a network of infected computers connected to the Internet that is under management of the command and control server and is used for denial of service attacks, for sending spams and other malicious operations. The size of a BOTNET depends on the complexity and number of computers employed. Users usually do not know that their systems are remotely controled and abused. BOTNETs are attractive for cyber criminals, because they are capable of being reset for various offenses, moved to new hosting services, or they are reprogrammed in response to new developments in security. Despite the specific characteristics of each BOTNET, BOTs in a BOTNET exhibit homogeneous behaviors and this can be the starting point for identifying a BOTNET within a network. Discoverable behavior of BOTs in a BOTNET can lead to production of features and attributes. Analyzing of these features, we can classify traffic to malicious and non-malicious traffic. This approach uses NETWORK FLOW ANALYSIS and MACHINE LEARNING methods to detect peer to peer BOTNETs. Furthermore, this approach is flow-based and analyzes features extracted from flows based on the behavior of well-known BOTNETs such as Weasel, etc and determines that the new traffic is an attack or not.

Cites

No record.

References

No record.

Cite

APA: Copy

PARSA, S., & MORTAZI, H.. (2018). BOTNET DETECTION WITH FLOW BEHAVIOR ANALYSIS APPROACH. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 5(4 (20) ), 1-15. SID. https://sid.ir/paper/243124/en

Vancouver: Copy

PARSA S., MORTAZI H.. BOTNET DETECTION WITH FLOW BEHAVIOR ANALYSIS APPROACH. JOURNAL OF ELECTRONIC AND CYBER DEFENCE[Internet]. 2018;5(4 (20) ):1-15. Available from: https://sid.ir/paper/243124/en

IEEE: Copy

S. PARSA, and H. MORTAZI, “BOTNET DETECTION WITH FLOW BEHAVIOR ANALYSIS APPROACH,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 5, no. 4 (20) , pp. 1–15, 2018, [Online]. Available: https://sid.ir/paper/243124/en

Related Journal Papers