|
Evaluation group | Attribute value | Index | Description | Score |
|
Service | Accuracy | Low | Detection accuracy of botnet is below 70% | 0.7 |
Middle | Detection accuracy is between 70% and 80% | 0.8 |
High | Detection accuracy is above 90% | 0.9 |
Very high | Detection accuracy is above 95% | 0.95 |
Scenes | General | General botnet detection | 0.9 |
Special | Special botnet detection | 0.8 |
Stage | Early | Refers to detection during the botnet propagation or addressing phase | 0.7 |
Interaction | Refers to testing at the interactive stage | 0.5 |
|
Intelligent | Automation | Low | Professionals are required to manually extract features | 0.5 |
Middle | Partial feature automatic extraction | 0.7 |
High | Fully automated feature extraction | 0.9 |
Adaptation | Low | Cannot detect unknown botnets | 0.6 |
High | Can detect unknown botnets | 0.9 |
Real time | No | Failed to perform real-time detection | 0.6 |
ā | Yes | Real-time detection possible | 0.9 |
|
Collaboration | Architecture | Centralized | Centralized inspection system architecture | 0.6 |
Distributed | Distributed detection system architecture, better flexibility | 0.9 |
Content | Single | Detect single data such as host, log, or traffic information | 0.7 |
Multiple | Detect multiple data such as host logs, network traffic, and codes | 0.9 |
Integration | No | Adopt a single approach | 0.7 |
Yes | Adopt a variety of approaches | 0.9 |
|
Assistant | Latency | No | Cannot detect deep latent BOT | 0.6 |
Yes | Can detect deep latent BOT | 0.8 |
Cost | Low | Normal power consumption | 0.9 |
Middle | Hardware requirements such as GPU | 0.7 |
High | More detectors are deployed, requiring more hardware and bandwidth resources | 0.5 |
Visualization | No | No visual display | 0.5 |
Yes | Visualize data information or botnet detection through visualization methods | 0.6 |
|