Pub Date : 2024-05-27DOI: 10.1186/s13635-024-00169-0
Arkan Hammoodi Hasan Kabla, Achmad Husni Thamrin, Mohammed Anbar, Selvakumar Manickam, Shankar Karuppayah
The orientation of emerging technologies on the Internet is moving toward decentralisation. Botnets have always been one of the biggest threats to Internet security, and botmasters have adopted the robust concept of decentralisation to develop and improve peer-to-peer botnet tactics. This makes the botnets cleverer and more artful, although bots under the same botnet have symmetrical behaviour, which is what makes them detectable. However, the literature indicates that the last decade has lacked research that explores new behavioural characteristics that could be used to identify peer-to-peer botnets. For the abovementioned reasons, in this study, we propose new two methods to detect peer-to-peer botnets: first, we explored a new set of behavioural characteristics based on network traffic flow analyses that allow network administrators to more easily recognise a botnet’s presence, and second, we developed a new anomaly detection approach by adopting machine-learning and deep-learning techniques that have not yet been leveraged to detect peer-to-peer botnets using only the five-tuple static indicators as selected features. The experimental analyses revealed new and important behavioural characteristics that can be used to identify peer-to-peer botnets, whereas the experimental results for the detection approach showed a high detection accuracy of 99.99% with no false alarms.
{"title":"Peer-to-peer botnets: exploring behavioural characteristics and machine/deep learning-based detection","authors":"Arkan Hammoodi Hasan Kabla, Achmad Husni Thamrin, Mohammed Anbar, Selvakumar Manickam, Shankar Karuppayah","doi":"10.1186/s13635-024-00169-0","DOIUrl":"https://doi.org/10.1186/s13635-024-00169-0","url":null,"abstract":"The orientation of emerging technologies on the Internet is moving toward decentralisation. Botnets have always been one of the biggest threats to Internet security, and botmasters have adopted the robust concept of decentralisation to develop and improve peer-to-peer botnet tactics. This makes the botnets cleverer and more artful, although bots under the same botnet have symmetrical behaviour, which is what makes them detectable. However, the literature indicates that the last decade has lacked research that explores new behavioural characteristics that could be used to identify peer-to-peer botnets. For the abovementioned reasons, in this study, we propose new two methods to detect peer-to-peer botnets: first, we explored a new set of behavioural characteristics based on network traffic flow analyses that allow network administrators to more easily recognise a botnet’s presence, and second, we developed a new anomaly detection approach by adopting machine-learning and deep-learning techniques that have not yet been leveraged to detect peer-to-peer botnets using only the five-tuple static indicators as selected features. The experimental analyses revealed new and important behavioural characteristics that can be used to identify peer-to-peer botnets, whereas the experimental results for the detection approach showed a high detection accuracy of 99.99% with no false alarms. ","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141168226","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: The design of network security protection trust management system based on an improved hidden Markov model","authors":"Shaojun Chen","doi":"10.1186/s13635-024-00167-2","DOIUrl":"https://doi.org/10.1186/s13635-024-00167-2","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-023-00146-z.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Hierarchical energy-saving routing algorithm using fuzzy logic in wireless sensor networks","authors":"Dan Wang, Qing Wu, Ming Hu","doi":"10.1186/s13635-024-00168-1","DOIUrl":"https://doi.org/10.1186/s13635-024-00168-1","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-023-00144-1.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: RFID tag recognition model for Internet of Things for training room management","authors":"Shengqi Wu","doi":"10.1186/s13635-024-00164-5","DOIUrl":"https://doi.org/10.1186/s13635-024-00164-5","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-024-00154-7","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Improved RFID mutual authentication protocol against exhaustive attack in the context of big data","authors":"Kongze Li","doi":"10.1186/s13635-024-00163-6","DOIUrl":"https://doi.org/10.1186/s13635-024-00163-6","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-024-00151-w.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Node fault diagnosis algorithm for wireless sensor networks based on BN and WSN","authors":"Ming Li","doi":"10.1186/s13635-024-00166-3","DOIUrl":"https://doi.org/10.1186/s13635-024-00166-3","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-023-00149-w.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Research on privacy and secure storage protection of personalized medical data based on hybrid encryption","authors":"Jialu Lv","doi":"10.1186/s13635-024-00165-4","DOIUrl":"https://doi.org/10.1186/s13635-024-00165-4","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-023-00150-3.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Efficient identity security authentication method based on improved R-LWE algorithm in IoT environment","authors":"Lin Yang","doi":"10.1186/s13635-024-00162-7","DOIUrl":"https://doi.org/10.1186/s13635-024-00162-7","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-024-00153-8.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930695","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: IoT devices and data availability optimization by ANN and KNN","authors":"Zhiqiang Chen, Zhihua Song, Tao Zhang, Yong Wei","doi":"10.1186/s13635-024-00160-9","DOIUrl":"https://doi.org/10.1186/s13635-024-00160-9","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-023-00145-0.","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930784","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Retraction Note: Network security threat detection technology based on EPSO-BP algorithm","authors":"Zhu Lan","doi":"10.1186/s13635-024-00161-8","DOIUrl":"https://doi.org/10.1186/s13635-024-00161-8","url":null,"abstract":"This article has been retracted. Please see the Retraction Notice for more detail: https://doi.org/10.1186/s13635-024-00152-9","PeriodicalId":46070,"journal":{"name":"EURASIP Journal on Information Security","volume":null,"pages":null},"PeriodicalIF":3.6,"publicationDate":"2024-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140930722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}