{"title":"Peer to Peer Botnet Detection Using Data Mining Scheme","authors":"Wen-Hwa Liao, Chia-Ching Chang","doi":"10.1109/ITAPP.2010.5566407","DOIUrl":null,"url":null,"abstract":"Botnet was composed of the virus-infected computers severely threaten the security of internet. Hackers, firstly, implanted virus in targeted computers, which were then commanded and controlled by them via the internet to operate distributed denial of services (DDoS), steal confidential information, distribute junk mails and other malicious acts. By imitating P2P software, P2P botnet used multiple main controller to avoid single point of failure, and failed various misuse detecting technologies together with encryption technologies. Differentiating from the normal network behavior, P2P botnet sets up numerous sessions without consuming bandwidth substantially, causing itself exposed to the anomaly detection technology. The data mining scheme was tested in real internet to prove its capability of discovering the host of P2P botnet. Crucially, the research applied the original dissimilarity of P2P botnet differing from normal internet behaviors as parameters of data mining, which were then clustered and distinguished to obtain reliable results with acceptable accuracy.","PeriodicalId":116013,"journal":{"name":"2010 International Conference on Internet Technology and Applications","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"71","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Internet Technology and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITAPP.2010.5566407","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 71
Abstract
Botnets, composed of virus-infected computers, severely threaten the security of the internet. Hackers first implant a virus in targeted computers, which they then command and control via the internet to carry out distributed denial of service (DDoS) attacks, steal confidential information, distribute junk mail and perform other malicious acts. By imitating P2P software, a P2P botnet uses multiple main controllers to avoid a single point of failure and, together with encryption technologies, defeats various misuse detection technologies. Unlike normal network behavior, a P2P botnet sets up numerous sessions without consuming substantial bandwidth, which exposes it to anomaly detection technology. The data mining scheme was tested on the real internet to prove its capability of discovering P2P botnet hosts. Crucially, the research applied the original dissimilarity between P2P botnet behavior and normal internet behavior as parameters of data mining, which were then clustered and distinguished to obtain reliable results with acceptable accuracy.