Botnet has become one major Internet security issue in recent years. Although signature-based solutions are accurate, it is not possible to detect bot variants in real-time. In this paper, we propose behavior-based botnet detection in parallel (BBDP). BBDP adopts a fuzzy pattern recognition approach to detect bots. It detects a bot based on anomaly behavior in DNS queries and TCP requests. With...

Zhen Li1 and Qi Liao2 1Department of Economics and Management, Albion College, Albion, Michigan, USA 2Department of Computer Science, Central Michigan University, Mount Pleasant, Michigan, USA ABSTRACT Economics play an increasingly important role in fighting cyber crimes. While the arms race against botnet problems has achieved limited success, we propose an approach attacking botnets through ...

In this letter, we develop a behavioral metric with which spamming botnets can be quickly identified with respect to their residing IP blocks. Our method aims at line-speed operation without deep inspection, so only TCP/IP header fields of the passing packets are examined. However, the proposed metric yields a high-quality receiver operating characteristics (ROC), with high detection rates and ...

Today, botnets are the most common threat on Internet and used as main attack vector against individuals businesses. Cybercriminals have exploited for many illegal activities, including click fraud, DDOS attacks, spam production. In this article, we suggest a method identifying behavior of data traffic using machine learning classifiers genetic algorithm to detect botnet activities. By categori...

Abstract A botnet is a network of remotely-controlled infected computers that can send spam, spread viruses, or stage denial-of-service attacks, without the consent computer owners. Since beginning 21st century, activities have steadily increased, becoming one major concerns for Internet security. In fact, are more and difficult to be detected, because they make use Peer-to-Peer protocols (eMul...

In recent years, botnet has become one of the most serious security threats to Internet. With the rapid development of mobile network and the popularity of smartphones, botnet began to spread to mobile platform. In order to counter mobile botnet, it is meaningful to study its constructive mechanism and reproduce it. In the past studies, researchers have designed several kinds of mobile botnet m...

Over the last few years, researchers and network operators have examined networks of DDoS agents, more recently called botnets due to their connection to Internet Relay Chat (IRC). In the continued quest to take down these networks of bots, two important questions arise: how many bots are there, and how to find every last bot? When one reads about a ten thousand, hundred thousand, one million n...

Botnet detection is one of the most emerging topic recently. In this article we would like to introduce a novel method based on IP flows to detect botnets through command and control behaviors. This is a combination of both machine learning and regression, which can reduce time interval to monitor network traffic significantly.