Chen et al., 2017 - Google Patents
An effective conversation‐based botnet detection method
- Document ID
- 13418233668801487511
- Author
- Chen R
- Niu W
- Zhang X
- Zhuo Z
- Lv F
- Publication year
- Publication venue
- Mathematical Problems in Engineering
Snippet
A botnet is one of the most grievous threats to network security since it can evolve into many attacks, such as Denial‐of‐Service (DoS), spam, and phishing. However, current detection methods are inefficient to identify unknown botnet. The high‐speed network environment …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Chen et al. | | An effective conversation‐based botnet detection method |
Lima Filho et al. | | Smart detection: an online approach for DoS/DDoS attack detection using machine learning |
Ye et al. | | A DDoS attack detection method based on SVM in software defined network |
Idhammad et al. | | Detection system of HTTP DDoS attacks in a cloud environment based on information theoretic entropy and random forest |
Bapat et al. | | Identifying malicious botnet traffic using logistic regression |
Aiello et al. | | DNS tunneling detection through statistical fingerprints of protocol messages and machine learning |
Xu et al. | | Profiling internet backbone traffic: behavior models and applications |
Lin et al. | | Application classification using packet size distribution and port association |
CN101741862B (en) | | System and method for detecting IRC bot network based on data packet sequence characteristics |
Alaidaros et al. | | An overview of flow-based and packet-based intrusion detection performance in high speed networks |
Haddadi et al. | | Botnet behaviour analysis using ip flows: with http filters using classifiers |
Yin | | Towards Accurate Node‐Based Detection of P2P Botnets |
Hung et al. | | A botnet detection system based on machine-learning using flow-based features |
Shanthi et al. | | Detection of botnet by analyzing network traffic flow characteristics using open source tools |
Liu et al. | | A survey of botnet architecture and batnet detection techniques |
Jenefa et al. | | The ascent of network traffic classification in the dark net: A survey |
Nair et al. | | A study on botnet detection techniques |
Rimmer et al. | | Open-world network intrusion detection |
Hsu et al. | | Detecting Web‐Based Botnets Using Bot Communication Traffic Features |
Kostas et al. | | IoTGeM: Generalizable Models for Behaviour-Based IoT Attack Detection |
Stergiopoulos et al. | | Using side channel TCP features for real-time detection of malware connections |
Alizadeh et al. | | Traffic classification for managing applications’ networking profiles |
Mahardhika et al. | | An implementation of Botnet dataset to predict accuracy based on network flow model |
Kheir et al. | | Behavioral fine-grained detection and classification of P2P bots |
Shalini et al. | | Early detection and mitigation of TCP SYN flood attacks in SDN using chi-square test |