Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection

Kozik, Rafał; Choraś, Michał

doi:10.1155/2017/6047053

Cited by 12 publications

(10 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…BotFP is also designed to detect malicious network activities such as port scans and DDoS attacks. Kozik and Choraś introduce techniques [124] used in big data and machine learning to identify botnet traffic in networks. The multi-scale analysis model is used to extract botnet features from network traffic, which are then classified using a random forest machine learning algorithm.…”

Section: Machine Learning and Network-based Detection Mechanismsmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literature review on botnets is presented to the reader in order to obtain an understanding of the incentives, evolution, detection, mitigation and current trends within the field of botnet research in pervasive computing. The literature review focuses particularly on the topic of botnet detection and the proposed solutions to mitigate the threat of botnets in system security. Botnet detection and mitigation mechanisms are categorised and briefly described to allow for an easy overview of the many proposed solutions. The paper also summarises the findings to identify current challenges and trends within research to help identify improvements for further botnet mitigation research.

show abstract

Section: Machine Learning and Network-based Detection Mechanismsmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

show abstract

“…The process of proper feature engineering can become problematic for detection mechanisms in NIDS. To alleviate this problem, some contemporary neural network algorithms offer a direct process for raw features, allowing them to fit to the unprocessed data and then perform classification [Liu and Lang, 2019].…”

Section: Contributions and Structurementioning

confidence: 99%

“…The lack of balance of classes in the dataset may cause trouble for ML algorithms [Ksieniewicz and Woźniak, 2018]. To compensate for the class imbalance, a data balancing procedure on the IoT-23 dataset was implemented.…”

Section: Strategies Usedmentioning

confidence: 99%

Detection of Cyberattacks Traces in IoT Data

Dutta¹,

Choraś²,

Pawlicki³

et al. 2020

jucs

Self Cite

View full text Add to dashboard Cite

Artificial Intelligence plays a significant role in building effective cybersecurity tools. Security has a crucial role in the modern digital world and has become an essential area of research. Network Intrusion Detection Systems (NIDS) are among the first security systems that encounter network attacks and facilitate attack detection to protect a network. Contemporary machine learning approaches, like novel neural network architectures, are succeeding in network intrusion detection. This paper tests modern machine learning approaches on a novel cybersecurity benchmark IoT dataset. Among other algorithms, Deep AutoEncoder (DAE) and modified Long Short Term Memory (mLSTM) are employed to detect network anomalies in the IoT-23 dataset. The DAE is employed for dimensionality reduction and a host of ML methods, including Deep Neural Networks and Long Short-Term Memory to classify the outputs of into normal/malicious. The applied method is validated on the IoT-23 dataset. Furthermore, the results of the analysis in terms of evaluation matrices are discussed.

show abstract

“…The following projects with similar goals to Colander provided inspiration for its inception, as they both collect data from home PCs. There are various other solutions that provided additional inspiration, such as the specialized rule-based multiagent IDS described in [19] or the botnet netflow-based detector based on machine learning pattern identification demonstrated in [20], but their impact on our system is quite limited. Turris project 10 was established by the association CZ-NIC.…”

Section: Similar Threat Data Gathering Projectsmentioning

confidence: 99%

Intrusion Detection System for Home Windows based Computers

2019

KSII TIIS

View full text Add to dashboard Cite

The paper is devoted to the detailed description of the distributed system for gathering data from Windows-based workstations and servers. The research presented in the beginning demonstrates that neither a solution for gathering data on attacks against Windows based PCs is available at present nor other security tools and supplementary programs can be combined in order to achieve the required attack data gathering from Windows computers. The design of the newly proposed system named Colander is presented, too. It is based on a client-server architecture while taking much inspiration from previous attempts for designing systems with similar purpose, as well as from IDS systems like Snort. Colander emphasizes its ease of use and minimum demand for system resources. Although the resource usage is usually low, it still requires further optimization, as is noted in the performance testing. Colander's ability to detect threats has been tested by real malware, and it has undergone a pilot field application. Future prospects and development are also proposed.

show abstract

Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection

Cited by 12 publications

References 15 publications

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Detection of Cyberattacks Traces in IoT Data

Intrusion Detection System for Home Windows based Computers

Contact Info

Product

Resources

About