Mathematical Problems in Engineering
Volume 2017, Article ID 4934082, 9 pages
https://doi.org/10.1155/2017/4934082
Research Article

An Effective Conversation-Based Botnet Detection Method

1School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, Sichuan 611731, China
2Center for Cyber Security, University of Electronic Science and Technology of China, Chengdu, Sichuan 611731, China

Correspondence should be addressed to Xiaosong Zhang; johnsonzxs@uestc.edu.cn

Received 25 January 2017; Accepted 12 March 2017; Published 9 April 2017

Academic Editor: Lixiang Li

Copyright © 2017 Ruidong Chen et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
