Research Article
Abnormal Behavior Detection to Identify Infected Systems Using the APChain Algorithm and Behavioral Profiling
Table 15
Experimental results for C&C channel detection.
| | Scenario | Accuracy | Precision | Recall | TP | TN | FP | FN |
| | S01 | 1.0 | 1.0 | 1.0 | 3 | 431 | 0 | 0 |
| | S02 | 0.993 | 0.5 | 1.0 | 4 | 537 | 4 | 0 |
| | S03 | 0.996 | 0.6 | 1.0 | 3 | 642 | 2 | 0 |
| | S04 | 1.0 | 1.0 | 1.0 | 1 | 102 | 0 | 0 |
| | S11 | 1.0 | 1.0 | 1.0 | 1 | 12 | 0 | 0 |
| | S12 | 0.993 | 0.03 | 1.0 | 1 | 4174 | 27 | 0 |
| | S13 | 0.999 | 0.5 | 1.0 | 1 | 9988 | 1 | 0 |
| | S14 | 0.994 | 0.1 | 1.0 | 1 | 1536 | 9 | 0 |
| | S15 | 0.994 | 0.09 | 1.0 | 1 | 1535 | 10 | 0 |
| | S16 | 0.950 | 0.5 | 1.0 | 1 | 18 | 1 | 0 |
| | S17 | 0.922 | 0.1 | 1.0 | 1 | 94 | 8 | 0 |
|
|
