Table of Contents Author Guidelines Submit a Manuscript
Journal of Electrical and Computer Engineering
Volume 2016, Article ID 2017373, 11 pages
http://dx.doi.org/10.1155/2016/2017373
Research Article

Communication Behaviour-Based Big Data Application to Classify and Detect HTTP Automated Software

Department of Computer Science, National Defense Academy, 1-10-20 Hashirimizu, Yokosuka, Kanagawa 239-0811, Japan

Received 25 December 2015; Revised 25 March 2016; Accepted 26 June 2016

Academic Editor: Jun Bi

Copyright © 2016 Manh Cong Tran and Yasuhiro Nakamura. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Linked References

  1. MapReduce Tutorial, Apache Hadoop, 2008, https://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/MapReduceTutorial.html.
  2. MarkLogic database, “What is Marklogic,” 2015, http://www.marklogic.com/what-is-marklogic/.
  3. MarkLogic 8 Product Documentation, https://docs.marklogic.com/.
  4. M. A. Rajab, L. Ballard, N. Lutz, P. Mavrommatis, and N. Provos, “CAMP: content-agnostic malware protection,” in Proceedings of the Network and Distributed Systems Security Symposium (NDSS '13), Internet Society, 2013.
  5. A. Averbuch, M. Kiperberg, and N. J. Zaidenberg, “An efficient VM-based software protection,” in Proceedings of the 5th International Conference on Network and System Security (NSS '11), pp. 121–128, IEEE, Milan, Italy, September 2011. View at Publisher · View at Google Scholar · View at Scopus
  6. P. Royal, M. Halpin, D. Dagon, R. Edmonds, and W. Lee, “PolyUnpack: automating the hidden-code extraction of unpack-executing malware,” in Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC '06), pp. 289–298, IEEE, Miami Beach, Fla, USA, December 2006. View at Publisher · View at Google Scholar · View at Scopus
  7. J. Oberheide, E. Cooke, and F. Jahanian, “Cloudav: N-version antivirus in the network cloud,” in Proceedings of the 17th Conference on Security Symposium, pp. 91–106, USENIX Association, 2008.
  8. D. Ashley, An Algorithm for HTTP Bot Detection, University of Texas at Austin—Information Security Office, Austin, Tex, USA, 2011.
  9. W. Lu, M. Tavallaee, and A. A. Ghorbani, “Automatic discovery of botnet communities on large-scale communication networks,” in Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (ASIACCS '09), pp. 1–10, ACM, Sydney, Australia, March 2009. View at Publisher · View at Google Scholar · View at Scopus
  10. M. Eslahi, H. Hashim, and N. M. Tahir, “An efficient false alarm reduction approach in HTTP-based botnet detection,” in Proceedings of the IEEE Symposium on Computers & Informatics (ISCI '13), pp. 201–205, Langkawi, Malaysia, April 2013. View at Publisher · View at Google Scholar · View at Scopus
  11. B. AsSadhan and J. M. F. Moura, “An efficient method to detect periodic behavior in botnet traffic by analyzing control plane traffic,” Journal of Advanced Research, vol. 5, no. 4, pp. 435–448, 2014. View at Publisher · View at Google Scholar · View at Scopus
  12. S. Shin, Z. Xu, and G. Gu, “EFFORT: a new host-network cooperated framework for efficient and effective bot malware detection,” Computer Networks, vol. 57, no. 13, pp. 2628–2642, 2013. View at Publisher · View at Google Scholar · View at Scopus
  13. Y.-S. Chen, H.-S. Liu, Y.-H. Yu, and P.-C. Wang, “Detect phishing by checking content consistency,” in Proceedings of the 15th IEEE International Conference on Information Reuse and Integration (IRI '14), pp. 109–119, Redwood City, Calif, USA, August 2014. View at Publisher · View at Google Scholar · View at Scopus
  14. A. Blum, B. Wardman, T. Solorio, and G. Warner, “Lexical feature based phishing URL detection using online learning,” in Proceedings of the 3rd ACM Workshop on Artificial Intelligence and Security (AISec '10), pp. 54–60, 2010.
  15. J. Ma, L. K. Saul, S. Savage, and G. M. Voelker, “Beyond blacklists: learning to detect malicious web sites from suspicious URLs,” in Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD '09), pp. 1245–1254, ACM, Paris, France, July 2009. View at Publisher · View at Google Scholar · View at Scopus
  16. T.-C. Chen, S. Dick, and J. Miller, “Detecting visually similar web pages: application to phishing detection,” ACM Transactions on Internet Technology, vol. 10, no. 2, article 5, pp. 5:1–5:38, 2010. View at Publisher · View at Google Scholar · View at Scopus
  17. G. Bartlett, J. Heidemann, and C. Papadopoulos, “Low-rate, flow-level periodicity detection,” in Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS '11), pp. 804–809, April 2011. View at Publisher · View at Google Scholar · View at Scopus
  18. M. C. Tran and Y. Nakamura, “In-host communication pattern observed for suspicious HTTP-based auto-ware detection,” International Journal of Computer and Communication Engineering, vol. 4, no. 6, pp. 379–389, 2015. View at Publisher · View at Google Scholar
  19. M.-P. Dubuisson and A. K. Jain, “A modified Hausdorff distance for object matching,” in Proceedings of the 12th IAPR International Conference on Pattern Recognition, Conference A: Computer Vision & Image Processing, vol. 1, pp. 566–568, IEEE, Jerusalem, Israel, 1994. View at Publisher · View at Google Scholar
  20. D. P. Huttenlocher, G. A. Klanderman, and W. J. Rucklidge, “Comparing images using the Hausdorff distance,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 15, no. 9, pp. 850–863, 1993. View at Publisher · View at Google Scholar · View at Scopus
  21. C. Brooks, Enterprise NoSQL for Dummies, John Wiley & Sons, Hoboken, NJ, USA, 2014.
  22. MarkLogic Developer License, Enterprise NoSQL Power for Developers, 2008, https://developer.marklogic.com/free-developer.
  23. N. Falliere and E. Chien, “Zeus: King of the bots,” Symantec Security Response, 2009, https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/zeus_king_of_bots.pdf.
  24. VirusTotal, 2015, http://virustotal.com/.
  25. McAfee Web Gateway, http://www.mcafee.com/us/products/web-gateway.aspx.