IDEAS home Printed from https://ideas.repec.org/a/hin/jnlmpe/4934082.html
   My bibliography  Save this article

An Effective Conversation-Based Botnet Detection Method

Author

Listed:
  • Ruidong Chen
  • Weina Niu
  • Xiaosong Zhang
  • Zhongliu Zhuo
  • Fengmao Lv

Abstract

A botnet is one of the most grievous threats to network security since it can evolve into many attacks, such as Denial-of-Service (DoS), spam, and phishing. However, current detection methods are inefficient to identify unknown botnet. The high-speed network environment makes botnet detection more difficult. To solve these problems, we improve the progress of packet processing technologies such as New Application Programming Interface (NAPI) and zero copy and propose an efficient quasi-real-time intrusion detection system. Our work detects botnet using supervised machine learning approach under the high-speed network environment. Our contributions are summarized as follows: (1) Build a detection framework using PF_RING for sniffing and processing network traces to extract flow features dynamically. (2) Use random forest model to extract promising conversation features. (3) Analyze the performance of different classification algorithms. The proposed method is demonstrated by well-known CTU13 dataset and nonmalicious applications. The experimental results show our conversation-based detection approach can identify botnet with higher accuracy and lower false positive rate than flow-based approach.

Suggested Citation

  • Ruidong Chen & Weina Niu & Xiaosong Zhang & Zhongliu Zhuo & Fengmao Lv, 2017. "An Effective Conversation-Based Botnet Detection Method," Mathematical Problems in Engineering, Hindawi, vol. 2017, pages 1-9, April.
  • Handle: RePEc:hin:jnlmpe:4934082
    DOI: 10.1155/2017/4934082
    as

    Download full text from publisher

    File URL: http://downloads.hindawi.com/journals/MPE/2017/4934082.pdf
    Download Restriction: no

    File URL: http://downloads.hindawi.com/journals/MPE/2017/4934082.xml
    Download Restriction: no

    File URL: https://libkey.io/10.1155/2017/4934082?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Simon Nam Thanh Vu & Mads Stege & Peter Issam El-Habr & Jesper Bang & Nicola Dragoni, 2021. "A Survey on Botnets: Incentives, Evolution, Detection and Current Trends," Future Internet, MDPI, vol. 13(8), pages 1-43, July.
    2. Zeeshan Hussain & Adnan Akhunzada & Javed Iqbal & Iram Bibi & Abdullah Gani, 2021. "Secure IIoT-Enabled Industry 4.0," Sustainability, MDPI, vol. 13(22), pages 1-14, November.
    3. Lihua Yin & Weizhe Chen & Xi Luo & Hongyu Yang, 2024. "Efficient Large-Scale IoT Botnet Detection through GraphSAINT-Based Subgraph Sampling and Graph Isomorphism Network," Mathematics, MDPI, vol. 12(9), pages 1-20, April.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hin:jnlmpe:4934082. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Mohamed Abdelhakeem (email available below). General contact details of provider: https://www.hindawi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.