Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Design of Instruction Analyzer with Semantic-Based Loop Unrolling Mechanism in the Hyperscalar Architecture Read chapter Read first chapter

2019 | OriginalPaper | Chapter

The Impact of the Observation Period for Detecting P2P Botnets on the Real Traffic Using BotCluster

Authors : Chun-Yu Wang, Jia-Hong Yap, Kuan-Chung Chen, Jyh-Biau Chang, Ce-Kuen Shieh

Published in: New Trends in Computer Technologies and Applications

Publisher: Springer Singapore

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

In recent years, many studies on peer-to-peer (P2P) botnet detection have exhibited the excellent detection precision on synthetic logs collected from the testbed. However, most of them do not evaluate their effectiveness on real traffic. In this paper, we use our BotCluster to analyze real traffic from April 2nd to April 15th, 2017, collected as Netflow format, with three time-scopes for detecting P2P botnet activities in two campuses (National Cheng Kung University (NCKU) and National Chung Cheng University (CCU)). Three time-scopes including single-day, three-day, and weekly observation period applied to the same traffic logs for revealing the influence of the observation period on P2P botnet detection. The experiments show that with the weekly observation period, the precision can increase 10% from 84% to 94% on the combined traffic logs of two campuses.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Evolution of Advanced Persistent Threat (APT) Attacks and Actors
next chapter Deep Residual Neural Network Design for Super-Resolution Imaging
Literature
1.
Wang, C.-Y., et al.: BotCluster: a session-based P2P botnet clustering system on NetFlow. Comput. Netw. 145, 175–189 (2018)CrossRef
2.
Wang, P., Wang, F., Lin, F., Cao, Z.-Z., et al.: Identifying peer-to-peer botnets through periodicity behavior analysis. In: 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) (2018)
3.
Saad, S., et al.: Detecting P2P botnets through network behavior analysis and machine learning. In: 9th Annual International Conference on Privacy Security and Trust (PST), pp. 174–180 (2011)
4.
Sengar, B., Padmavathi, B.: P2P bot detection system based on mapreduce. In: 2017 International Conference on Computing Methodologies and Communication (ICCMC) (2017)
5.
Mane, Y.D.: Detect and deactivate P2P Zeus bot. In: 2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (2017)
6.
Sun, J.-H., Jeng, T.-H., Chen, C.-C., Huang, H.-C., Chou, K.-S.: MD-Miner: behavior-based tracking of network traffic for malware-control domain detection. In: IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), pp. 96–105 (2017)
7.
Almutairi, S., Mahfoudh, S., Alowibdi, J.S.: Peer to peer botnet detection based on network traffic analysis, new technologies. In: 2016 8th IFIP International Conference on Mobility and Security (NTMS), pp. 1–4 (2016)
8.
Qiu, Z., Miller, D.J., Kesidis, G.: Flow based botnet detection through semi-supervised active learning. In: IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 2387–2391 (2017)
9.
Yang, H., Cheng, L., Chuah, M.-C.: Detecting peer-to-peer botnets in SCADA systems. In: GlobeCom Workshops (2016)
10.
Le, D.C., Zincir-Heywood, A.N., Heywood, M.I.: Data analytics on network traffic flows for botnet behavior detection. In: IEEE Symposium Series on Computational Intelligence (SSCI), pp. 1–7 (2016)
11.
Alejandre, F.V., Cortés, N.C., Anaya, E.A.: Feature selection to detect botnets using machine learning algorithms. In: International Conference on Electronics, Communications and Computers (CONIELECOMP), pp. 1–7 (2017)
12.
Mai, L., Park, M.: A comparison of clustering algorithms for botnet detection based on network flow. In: 8th International Conference on Ubiquitous and Future Networks (ICUFN), pp. 667–669 (2016)
13.
Gavrilut, D.T., Popoiu, G., Benchea, R.: Identifying DGA-based botnets using network anomaly detection. In: 18th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 292–299 (2016)
14.
Zhuang, D., Chang, J.M.: PeerHunter: detecting peer-to-peer botnets through community behavior analysis. In: 2017 IEEE Conference on Dependable and Secure Computing (2017)
15.
Yan, J., Ying, L., Yang, Y., Su, P., Feng, D.: Long term tracking and characterization of P2P botnet. In: IEEE TrustCom, pp. 244–251 (2014)
16.
Yahyazadeh, M., Abadi, M.: BotOnus: an online unsupervised method for botnet detection. ISC Int. J. Inf. Secur. (ISeCure) 4(1), 51–62 (2012)
17.
Khodadadi, R., Akbari, B.: Ichnaea: Effective P2P botnet detection approach based on analysis of network flows. In: 7th International Symposium on Telecommunications (IST), pp. 934–940 (2014)
18.
Zhang, J.-J., Perdisci, R., Lee, W.-K., Luo, X.-P., Sarfraz, U.: Building a scalable system for stealthy P2P-botnet detection. IEEE Trans. Inf. Forensics and Secur. 9(1), 27–38 (2014)CrossRef
19.
Narang, P., Ray, S., Hota, C, Venkatakrishnan, V.: Peershark: detecting peer-to-peer botnets by tracking conversations. In: Security and Privacy Workshops (SPW) (2014)
20.
Ye, W., Cho, K.: P2P and P2P botnet traffic classification in two stages. Soft Comput. J. 21, 1–12 (2015)
21.
Garg, S., Peddoju, K., Sarje, A.: Scalable P2P bot detection system based on network data stream. Peer-to-Peer Networking Appl. 9, 1–16 (2016)CrossRef
22.
Thangapandiyan, M., Anand, P.M.R.: An efficient botnet detection system for P2P botnet. In: International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 1217–1221 (2016)
23.
24.
25.
Metadata
Title
The Impact of the Observation Period for Detecting P2P Botnets on the Real Traffic Using BotCluster
Authors
Chun-Yu Wang
Jia-Hong Yap
Kuan-Chung Chen
Jyh-Biau Chang
Ce-Kuen Shieh
Copyright Year
2019
Publisher
Springer Singapore
Book
New Trends in Computer Technologies and Applications

Print ISBN: 978-981-13-9189-7

Electronic ISBN: 978-981-13-9190-3

Copyright Year: 2019

DOI
https://doi.org/10.1007/978-981-13-9190-3_8

Premium Partner

    Image Credits