Online IRC botnet detection using a SOINN classifier
Francesco Carpine, Claudio Mazzariello, Carlo Sansone
2013 IEEE International Conference on Communications Workshops (ICC), 2013-06-09
DOI: 10.1109/ICCW.2013.6649447 (https://doi.org/10.1109/ICCW.2013.6649447)
Citations: 8
Abstract
IRC botnets have been rapidly growing in number, in infected network hosts, and, most of all, in the size of the damage caused. Hence, there is a need for a real-time detection solution that is as accurate as possible; the earlier a botnet is discovered, the smaller its potential impact will be. In order to tackle these issues, our approach to IRC botnet detection considers both the online context and the time consumption problem. In particular, we use both statistical and digram-based features to build a two-class behavioral model. Then, we set up a fast detection engine based on an unsupervised incremental learning method. Several tests performed on real data (botnet and non-botnet IRC channels) revealed the effectiveness of the entire proposed solution.