BoTShark: A Deep Learning Approach for Botnet Traffic Detection

Homayoun, Sajad; Ahmadzadeh, Marzieh; Hashemi, Sattar; Dehghantanha, Ali; Khayami, Raouf

doi:10.1007/978-3-319-73951-9_7

Cited by 53 publications

(28 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…total bytes, number of packets from source to destination and from destination to source, and flow duration, cannot be computed when the traffic features are collected within observation time windows. Approaches based on flow-level statistics have also been proposed in [34]- [39], among many others. In particular, [36]- [39] use flow-level statistics to feed CNNs and other DL models, as discussed in Sec.…”

Section: A Statistical Approaches To Ddos Detectionmentioning

confidence: 99%

“…Approaches based on flow-level statistics have also been proposed in [34]- [39], among many others. In particular, [36]- [39] use flow-level statistics to feed CNNs and other DL models, as discussed in Sec. II-C. To overcome the limitations of statistical approaches to DDoS detection, machine learning techniques have been explored.…”

Section: A Statistical Approaches To Ddos Detectionmentioning

confidence: 99%

“…Some CNN-based works [36]- [39], as identified in Sec. II-A, use flow-level statistics (total bytes, flow duration, total number of flags, etc.)…”

Section: Deep Learning For Ddos Detectionmentioning

confidence: 99%

See 2 more Smart Citations

Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

Doriguzzi-Corin

Millar

Scott-Hayward

et al. 2020

IEEE Trans. Netw. Serv. Manage.

249

105

View full text Add to dashboard Cite

Distributed Denial of Service (DDoS) attacks are one of the most harmful threats in today's Internet, disrupting the availability of essential services. The challenge of DDoS detection is the combination of attack approaches coupled with the volume of live traffic to be analysed. In this paper, we present a practical, lightweight deep learning DDoS detection system called LUCID, which exploits the properties of Convolutional Neural Networks (CNNs) to classify traffic flows as either malicious or benign. We make four main contributions; (1) an innovative application of a CNN to detect DDoS traffic with low processing overhead, (2) a dataset-agnostic preprocessing mechanism to produce traffic observations for online attack detection, (3) an activation analysis to explain LUCID's DDoS classification, and (4) an empirical validation of the solution on a resource-constrained hardware platform. Using the latest datasets, LUCID matches existing stateof-the-art detection accuracy whilst presenting a 40x reduction in processing time, as compared to the state-of-the-art. With our evaluation results, we prove that the proposed approach is suitable for effective DDoS detection in resource-constrained operational environments.

show abstract

Section: A Statistical Approaches To Ddos Detectionmentioning

confidence: 99%

Section: A Statistical Approaches To Ddos Detectionmentioning

confidence: 99%

See 1 more Smart Citation

Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

Doriguzzi-Corin

Millar

Scott-Hayward

et al. 2020

IEEE Trans. Netw. Serv. Manage.

249

105

View full text Add to dashboard Cite

show abstract

“…This approach aims to evaluate the malware by executing the application. 40,41 By comparing with static analysis, this approach is more complicated as resource consumption is performed in real environment. The benefit of this method is that it loads target information to determine the application behavior during runtime.…”

Section: Dynamic Analysismentioning

confidence: 99%

Privacy issues of android application permissions: A literature review

Shrivastava

Kumar

Gupta

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Android is an application platform for mobile devices. It comprises of the operating system, software framework, and core programs. This platform uses permissions to hide precious information about the user from untrusted apps. However, to install an application, device feature uses permissions that are granted by the user. User has the ability to analyze permissions and abort the setup if the permissions are unfriendly or unrestrained. Android permission analysis schemes show a significant role to fight against these undesirable behaviors of untrusted android apps in the aspect of security and privacy. This survey attempts to deal with the android application permissions that are related security and privacy challenges. It includes various research articles published in computers and security, digital investigation, decision support systems, systems and software security, and information forensics journals in the last 10 years. The survey is based on the following considerations: research issues motivated by the scheme, the methodology used, ability of result analysis conducted, and android features considered for performance evaluation.

show abstract

“…With the result, the hidden layer learns to build a smaller representation of the input. Examples of IoT use-cases that utilized AEs include human activity recognition [113], privacy preservation in sensor data analytics [114], prediction performance improvement in sensor and wearable systems [115], botnet traffic detection [116], fault diagnosis [117], etc.…”

mentioning

confidence: 99%

Data Analytics in the Internet of Things: A Survey

Saleem

Chishti

2019

SCPE

View full text Add to dashboard Cite

The plethora of sensors deployed in Internet of Things (IoT) environments generate unprecedented volumes of data, thereby creating a data deluge. Data collected from these sensors can be used to comprehend, examine and control intricate environments around us, facilitating greater intelligence, smarter decision-making, and better performance. The key challenge here is how to mine out proﬁcient information from such immense data. Copious solutions have been put forth to obtain valuable inferences and insights, however, these solutions are still in their developing stages. Moreover, conventional procedures do not address the surging analytical demands of IoT systems. Motivated to resolve this concern, this work investigates the key enablers for performing desired data analytics in IoT applications. A comprehensive survey on the identiﬁed key enablers including their role in IoT data analytics, use cases in which they have been applied and the corresponding IoT applications for the use cases is presented. Furthermore, open research challenges and future research opportunities are also discussed. This article can be used as a basis to foster advanced research in the arena of IoT data analytics.

show abstract

BoTShark: A Deep Learning Approach for Botnet Traffic Detection

Cited by 53 publications

References 29 publications

Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

Lucid: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection

Privacy issues of android application permissions: A literature review

Data Analytics in the Internet of Things: A Survey

Contact Info

Product

Resources

About