Title

Accurate Detection Of Peer-To-Peer Botnet Using Multi-Stream Fused Scheme

Keywords

Decentralized botnet; Discrete Kalman filter; Hurst; Multi-chart CUSUM; Peer to peer

Abstract

Nowadays decentralized botnets pose a great threat to the Internet. They evolve new features such as P2P Command and Control (C&C), which make traditional detection methods no longer effective for indicating the existence of the bots. In this paper, based on several characteristic properties of the new P2P botnets, we propose a novel real-time detection model, MSFM (Multi-Stream Fused Model). MSFM considers the unique characteristics of multiple types of packets and handles them with corresponding strategies. Extensive experimental results show that our model can accurately detect peer-to-peer botnets with relatively low false-positive and false-negative rates. © 2011 ACADEMY PUBLISHER.

Publication Date

5-1-2011

Publication Title

Journal of Networks

Volume

6

Issue

5

Number of Pages

807-814

Document Type

Article

Personal Identifier

scopus

DOI Link

https://doi.org/10.4304/jnw.6.5.807-814

Scopus ID

79955941151 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/79955941151

This document is currently not available here.
