Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.11851/1134
Title: | Noise-resistant mechanisms for the detection of stealthy peer-to-peer botnets |
Authors: | Narang, Pratik; Hota, Chittaranjan; Sencar, Hüsrev Taha |
Keywords: | Botnet; Machine Learning; Peer-To-Peer; Intrusion Detection; Security |
Publisher: | Elsevier |
Source: | Narang, P., Hota, C., & Sencar, H. T. (2016). Noise-resistant mechanisms for the detection of stealthy peer-to-peer botnets. Computer Communications, 96, 29-42. |
Abstract: | The problem of detection of malicious network traffic is adversarial in nature. Accurate detection of stealthy Peer-to-Peer botnets is an ongoing research problem. Past research on detection of P2P botnets has frequently used machine learning algorithms to build detection models. However, most prior work lacks the evaluation of such detection models in the presence of deliberate injection of noise by an adversary. Furthermore, detection of P2P botnets in the presence of benign P2P traffic has received little attention from the research community. This work proposes a novel approach for the detection of stealthy P2P botnets (in presence of benign P2P traffic) using conversation-based mechanisms and new features based on Fourier transforms and information entropy. We use real-world botnet data to compare the performance of our features with traditional 'flow-based' features employed by past research, and demonstrate that our approach is more resilient towards the injection of noise in the communication patterns by an adversary. We build detection models with multiple supervised machine learning algorithms. With our approach, we could detect P2P botnet traffic in the presence of injected noise with True Positive rate as high as 90%. (C) 2016 Elsevier B.V. All rights reserved. |
URI: | https://www.sciencedirect.com/science/article/pii/S0140366416302341?via%3Dihub ; https://hdl.handle.net/20.500.11851/1134 |
ISSN: | 0140-3664 |
Appears in Collections: | Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering; Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection; WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection |
Scopus citations: | 8 (checked on Nov 9, 2024) |
Web of Science citations: | 8 (checked on Nov 9, 2024) |
Page view(s): | 86 (checked on Nov 11, 2024) |
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.