Smart Approach for Botnet Detection Based on Network Traffic Analysis

Authors

Abstract

Today, botnets are the most common threat on the Internet and are used as the main attack vector against individuals and businesses. Cybercriminals have exploited botnets for many illegal activities, including click fraud, DDoS attacks, and spam production. In this article, we suggest a method for identifying the behavior of data traffic using machine learning classifiers and a genetic algorithm to detect botnet activities. By categorizing based on time slots, we investigate the viability of detecting botnets without seeing the whole network flow. We also evaluate the efficacy of two well-known classification methods with reference data. We demonstrate experimentally, on existing datasets, that it is possible to detect botnet activities with high precision.

Similar resources

Botnet Malicious Activity Detection Based on DNS Traffic Analysis

In the field of internet security botnet is becoming the significant threat as more number of users are connected to internet. Botnet which is a collection of infected computers so called (bots) are becoming the major threat to internet community. The difference between a malware and botnet is that bot is remotely controlled by a C&C server which are under the control of a botmaster. Here in th...

Survey on network-based botnet detection methods

Botnets are an important security problem on the Internet. They continuously evolve their structure, protocols and attacks. This survey analyzes and compares the most important efforts carried out in a network-based detection area. It accomplishes four tasks: first, the comparison of previous surveys and the proposal of four new dimensions to analyze their classification schemes; second, a new ...

Botnet Detection Based on Network Behavior

Current techniques for detecting botnets examine traffic content for IRC commands, monitor DNS for strange usage, or set up honeynets to capture live bots. Our botnet detection approach is to examine flow characteristics such as bandwidth, packet timing, and burst duration for evidence of botnet command and control activity. We have constructed an architecture that first eliminates traffic that...

DGA-Based Botnet Detection Using DNS Traffic

In recent years, an increasing number of botnets use Domain Generation Algorithms (DGAs) to bypass botnet detection systems. DGAs, also referred as “domain fluxing”, has been used since 2004 for botnet controllers, and now become an emerging trend for malware. It can dynamically and frequently generate a large number of random domain names which are used to prevent security systems from detecti...

Honeynet-based Botnet Scan Traffic Analysis

With the increasing importance of Internet in everyone’s daily life, Internet security poses a serious problem. Now-a-days, botnets are the major tool to launch Internet-scale attacks. A “botnet” is a network of compromised machines that is remotely controlled by an attacker. In contrast of the earlier hacking activities (mainly used to show off the attackers’ technique skills), botnets are bet...

Journal

Journal title: Journal of Electrical and Computer Engineering

Year: 2022

ISSN: 2090-0155, 2090-0147

DOI: https://doi.org/10.1155/2022/3073932