Masato Terada scite author profile

This paper aims to detect features of coordinated attacks by applying data mining techniques, Apriori and PrefixSpan, to the CCC DATAset 2008-2010 which consists of the captured packets data and the downloading logs. Data mining algorithms allow us to automate detecting characteristics from large amount of data, which the conventional heuristics could not apply. Apriori achives high recall but with false positive, while PrefixSpan has high precision but low recall. Hence, we propose hybriding these algorithms. Our analysis shows the change in behavior of malware over the past 3 years.

show abstract

Heuristics for Detecting Botnet Coordinated Attacks

Kazuya

Kikuchi

Terada

et al. 2010

View full text Add to dashboard Cite

This paper studies the analysis on the Cyber Clean Center (CCC) Data Set 2009, consisting of raw packets captured more than 90 independent honeypots, in order for detecting behavior of downloads and the port-scans. The analyses show that some new features of the coordinated attacks performed by Botnet, e.g., some particular strings contained in packets in downloading malwares, and the common patterns in downloading malwares from distributed servers.Based on the analysis, the paper proposes the heuristic techniques for detection of malwares made by Botnet coordinated attack and reports the accuracy of the proposed heuristics. The detection process is automated in the proposed decision tree consisting of statistics, such as, a number of total inbound packets, and an average rate of downloading malwares.

show abstract

How Many Malicious Scanners Are in the Internet?

Kikuchi

Terada

View full text Add to dashboard Cite

A Spatio-Temporal malware and country clustering algorithm: 2012 IIJ MITF case study

Sisaat

Kittitornkun

Kikuchi

et al. 2016

Int. J. Inf. Secur.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Masato Terada

A discovery of sequential attack patterns of malware in botnets

Apriori-PrefixSpan Hybrid Approach for Automated Detection of Botnet Coordinated Attacks

Heuristics for Detecting Botnet Coordinated Attacks

How Many Malicious Scanners Are in the Internet?

A Spatio-Temporal malware and country clustering algorithm: 2012 IIJ MITF case study

Contact Info

Product

Resources

About