Research Article
Hybrid Botnet Detection Based on Host and Network Analysis
Table 3
List of selected artifacts for network monitor.
| | Number | Artifact |
| | 1 | Port source and destination | | 2 | IP source and destination | | 3 | Protocol (UDP or TCP) | | 4 | HTTP method (POST or GET) | | 5 | Total number of connections | | 6 | Number of failed connections | | 7 | First packet length | | 8 | Packet size | | 9 | Total number of packets | | 10 | Number of input small packets | | 11 | Number of output small packets |
|
|
