2019
DOI: 10.3390/sym11030326

A Feature Extraction Method for P2P Botnet Detection Using Graphic Symmetry Concept

Abstract: A DDoS (Distributed Denial of Service) attack makes use of a botnet to launch attacks and cause node congestion of wireless sensor networks, which is a common and serious threat. Due to the various kinds of features required in a Peer-to-Peer (P2P) botnet for DDoS attack detection via current machine learning methods and the failure to effectively detect encrypted botnets, this paper extracts the data packet size and the symmetric intervals in flow according to the concept of graphic symmetry. Combined with fl…

Cited by 14 publications (7 citation statements)

References 28 publications
“…Yang and Wang extract the data packet size and the symmetric intervals in flow according to the concept of graphic symmetry. They combine with flow information entropy and session features to detect the P2P botnet and get a high detection accuracy [16]. Dehkordi and Sadeghiyan propose an effective node-removal method against P2P botnets [17].…”
Section: Related Work (mentioning)
confidence: 99%
“…[36] proposed a model to track evolution of a botnet over time using Long Short-Term Memory (LSTM). The authors in [43] proposed a method to detect botnets based on extraction of the data packet size and symmetric intervals in flows, based on the concept of graphic symmetry combined with information entropy and session features. This combination allows obtaining features with better correlations that are used to detect botnets.…”
Section: Related Work (mentioning)
confidence: 99%
“…To compensate for these shortcomings, P2P-evolved botnets have emerged, each of which becomes a C&C server. The structure of the P2P botnet is shown in Figure 1c, and all bots act as C&C servers [29,30]. This is a method of performing commands and controls in a distributed rather than centralized way, so even if one P2P botnet server is discovered, a botnet can be operated with other servers without being neutralized.…”
Section: Overview of Traditional Botnets (mentioning)
confidence: 99%
“…However, for P2P botnets, the size of the supported groups (hosts) is much smaller than the existing centralized botnets. Centralized has thousands of hosts, but only a few dozen in the P2P model [29,30]. In addition, studies have suggested that P2P-based botnets can be detected through action-based or machine-learning-based detection methods [30], leading to the emergence of more advanced botnets to respond to this.…”
Section: Overview of Traditional Botnets (mentioning)
confidence: 99%