{"title":"The detection of P2P bots using the dendritic cells algorithm","authors":"Li Wang, Xianjin Fang","doi":"10.1109/ICEDIF.2015.7280211","DOIUrl":null,"url":null,"abstract":"New botnet and bots using P2P protocols have become the increasing threat to network security because P2P botnet and bots do not have a centralized point to trace back or shut down, thus detecting the P2P bots is very difficult. In order to deal with these threats, the model in terms of the dendritic cells algorithm (DCA) is presented to detect P2P bots on an individual host. The detailed approach to detect P2P bots is also described. The raw data for P2P bots detection are obtained via APITrace tool. The processes ID are mapped into the antigens, and the behavioral data created by the processes are mapped into the signals, which are the time series input data of DCA. These data as the input data of the algorithm are used to implement data fusion and correlation. Through related experiments, the systems using the proposed method in this paper can detect p2p bots. The method should outperform the other existing P2P detection techniques due to its linear computation in the process of detection and analysis, and no training phrase.","PeriodicalId":355975,"journal":{"name":"2015 International Conference on Estimation, Detection and Information Fusion (ICEDIF)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Estimation, Detection and Information Fusion (ICEDIF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICEDIF.2015.7280211","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 5
Abstract
New botnets and bots using P2P protocols have become an increasing threat to network security because P2P botnets and bots have no centralized point to trace back or shut down, which makes detecting P2P bots very difficult. To deal with these threats, a model based on the dendritic cells algorithm (DCA) is presented to detect P2P bots on an individual host. The detailed approach to detecting P2P bots is also described. The raw data for P2P bot detection are obtained via the APITrace tool. The process IDs are mapped to antigens, and the behavioral data created by the processes are mapped to signals, which form the time-series input data of the DCA. The algorithm uses these input data to perform data fusion and correlation. Related experiments show that systems using the method proposed in this paper can detect P2P bots. The method should outperform other existing P2P detection techniques because its detection and analysis process is linear in computation and requires no training phase.