Exploring a Service-Based Normal Behaviour Profiling System for Botnet Detection

Simple item page
dc.contributor.authorChen, Weikeng
dc.contributor.authorLuo, Xiao
dc.contributor.authorZincir-Heywood, A. Nur
dc.contributor.departmentComputer Information and Graphics Technology, School of Engineering and Technologyen_US
dc.date.accessioned2018-05-03T15:28:22Z
dc.date.available2018-05-03T15:28:22Z
dc.date.issued2017-05
dc.description.abstractEffective detection of botnet traffic becomes difficult as the attackers use encrypted payload and dynamically changing port numbers (protocols) to bypass signature based detection and deep packet inspection. In this paper, we build a normal profiling-based botnet detection system using three unsupervised learning algorithms on service-based flow-based data, including self-organizing map, local outlier, and k-NN outlier factors. Evaluations on publicly available botnet data sets show that the proposed system could reach up to 91% detection rate with a false alarm rate of 5%.en_US
dc.eprint.versionAuthor's manuscripten_US
dc.identifier.citationChen, W., Luo, X., & Zincir-Heywood, A. N. (2017). Exploring a service-based normal behaviour profiling system for botnet detection. In 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM) (pp. 947–952). https://doi.org/10.23919/INM.2017.7987417en_US
dc.identifier.urihttps://hdl.handle.net/1805/16010
dc.language.isoenen_US
dc.publisherIEEEen_US
dc.relation.isversionof10.23919/INM.2017.7987417en_US
dc.relation.journal2017 IFIP/IEEE Symposium on Integrated Network and Service Managementen_US
dc.rightsPublisher Policyen_US
dc.sourceAuthoren_US
dc.subjectbotnet trafficen_US
dc.subjectprotocolsen_US
dc.subjectbotnet detectionen_US
dc.titleExploring a Service-Based Normal Behaviour Profiling System for Botnet Detectionen_US
dc.typeConference proceedingsen_US
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Chen_2017_exploring.pdf
Size:
605.97 KB
Format:
Adobe Portable Document Format
Description:
Download
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.99 KB
Format:
Item-specific license agreed upon to submission
Description:
Download
Collections
Open Access Policy Articles
Computer Information and Graphics Technology Works