Botnet Detection using Clustering Algorithms

Alejandre, Francisco Villegas; Cortés, Nareli Cruz; Anaya, Eleazar Aguirre

doi:10.13053/rcs-118-1-6

Cited by 5 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Francisco Villegas Alejandre, Nareli Cruz Cortés, Eleazar Aguirre Anaya, 2016 [15] compared some clustering techniques on their ability to detect botnet traffic by selecting features that distinguish connections belonging to or not belonging to a botnet. It was found that the K-medoids algorithm was better for almost all the experiments than K-means.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Detection of Botnet Using Flow Analysis and Clustering Algorithm

Ahlawat¹,

Sherya²,

Shruti³

et al. 2019

IJMECS

View full text Add to dashboard Cite

With the increase of digital data on the internet, computers are at higher risk of getting corrupted through cyber-attacks. Criminals are adopting more and more sophisticated techniques to steal sensitive information from the web. The botnet is one of the most aggressive threats as it combines lots of advanced malicious techniques. Detection of the botnet is one of the most serious concerns and prominent research area among the researchers. This paper proposes a detection model using the clustering algorithm to group bot traffic and normal traffic into two different clusters. Our contribution focused on applying K-means clustering algorithm to detect botnets based on their detection rate (true and false positives). Experimental results clearly demonstrate the fact that with the help of clustering we were able to separate the complete dataset into two entirely distinguishable clusters, where one cluster is representing the botnet traffic and other one representing the normal traffic.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Final cluster centroidsCluster 0:This cluster is purely in majority with 71% of the points lying in cluster 0. Cluster 0 mainly uses the TCP protocol and has an average length of 76 15. units.…”

mentioning

confidence: 99%