Semantics based analysis of botnet activity from heterogeneous data sources

Santiago Ruano Rincon, Sandrine Vaton, Antoine Beugnard, Serge Garlatti
2015 2015 International Wireless Communications and Mobile Computing Conference (IWCMC)  
This approach is able to enhance current DNS based botnet detection methods, taking into account additional heterogeneous analysis elements.  ...  Based on this architecture, we implement a tool that looks for malicious bot activity, studying, from a unique point of view, DNS traffic from PCAP sources, and TCP connections from IPFIX reports.  ...  In this work, we have relied on ontologies and semantic tools to evaluate the botnet activity in a network by uniformly analysing two heterogeneous data sources.  ... 
doi:10.1109/iwcmc.2015.7289115 dblp:conf/iwcmc/RinconVBG15 fatcat:7zbgmazxl5dgrpl6tz4oose4jy

Detecting Botnets using a Collaborative Situational-aware IDPS

M. Lisa Mathews, Anupam Joshi, Tim Finin
2016 Proceedings of the 2nd International Conference on Information Systems Security and Privacy  
Also, traditional IDPSs are point-based solutions incapable of utilizing information from multiple data sources and have difficulty discovering new or more complex attacks.  ...  Leveraging information from these heterogeneous sources leads to a more robust, situational-aware IDPS that is better equipped to detect complicated attacks such as botnets.  ...  The first involves the gathering of data from different channels such as online web sources, logs from existing IDS/IPS systems, host-based activity monitors, network activity monitors, and hardware security  ... 
doi:10.5220/0005684902900298 dblp:conf/icissp/MathewsJF16 fatcat:hjlkpx53vbbfznmcqbfandiufi

Gravity-Law Based Critical Bots Identification in Large-Scale Heterogeneous Bot Infection Network

Qinglin He, Lihong Wang, Lin Cui, Libin Yang, Bing Luo
2022 Electronics  
Specifically, we first model the propagation of the botnet as a Heterogeneous Bot Infection Network (HBIN).  ...  Experimental results based on large-scale sample collections from the implemented prototype system demonstrate the promising performance of our scheme, comparing it with other state-of-the-art baselines  ...  The sources of botnet samples can roughly be divided into two categories: one is generated by active probing, the other is derived from traffic analysis.  ... 
doi:10.3390/electronics11111771 fatcat:onffuouadjbclhn66eix2guwsm

Towards Situational Awareness of Large-Scale Botnet Probing Events

Zhichun Li, Anup Goyal, Yan Chen, Vern Paxson
2011 IEEE Transactions on Information Forensics and Security  
Our analysis draws upon extensive honeynet data to explore the prevalence of different types of scanning, including properties, such as trend, uniformity, coordination, and darknet avoidance.  ...  Cross-validating with data from DShield shows that our inferences exhibit promising accuracy.  ...  We confirm their common use both from botnet source code analysis (Section III-A) and experimental observations (Section VI).  ... 
doi:10.1109/tifs.2010.2086445 fatcat:gm6oe2renjefrfr2fbhybf4wai

Predictive Analysis of Ransomware Attacks using Context-aware AI in IoT Systems

Vytarani Mathane, P.V. Lakshmi
2021 International Journal of Advanced Computer Science and Applications  
Ransomware attacks are emerging as a major source of malware intrusion in recent times.  ...  There is an increase of 60 % of reduction in time taken when using context-aware dataset over the non-context-aware data.  ...  Location for tracking target and source, time for identifying the time of events occurring on the device, activity to find the set of events that leads to suspicious activity, relation to identifying the  ... 
doi:10.14569/ijacsa.2021.0120432 fatcat:4r2urwsdfnckxmrlknemaxfm5a

Automating analysis of large-scale botnet probing events

Zhichun Li, Anup Goyal, Yan Chen, Vern Paxson
2009 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS '09  
Our analysis draws upon extensive honeynet data to explore the prevalence of different types of scanning, including properties such as trend, uniformity, coordination, and darknet avoidance.  ...  Cross-validating with data from DShield shows that our inferences exhibit promising accuracy.  ...  Most likely these botnet events are driven by a single botmaster. From Figure 8, we also find that the number of sources involved in a botnet event is quite heterogeneous.  ... 
doi:10.1145/1533057.1533063 dblp:conf/ccs/LiGCP09 fatcat:ip4f3pxwyvhfrn7mwdhqzauvda

Survey on Botnet Detection Techniques: Classification, Methods, and Evaluation

Ying Xing, Hui Shu, Hao Zhao, Dannong Li, Li Guo, Jude Hemanth
2021 Mathematical Problems in Engineering  
It studies the mechanism characteristics of botnet architecture, life cycle, and command and control channel and provides a classification of botnet detection techniques.  ...  With the continuous evolution of the Internet, as well as the development of the Internet of Things, smart terminals, cloud platforms, and social platforms, botnets showing the characteristics of platform  ...  the underlying semantics.  ... 
doi:10.1155/2021/6640499 fatcat:hkafnnj2cnbzjdbuk6iel3b5cm

SDN Based DDos Mitigating Approach Using Traffic Entropy for IoT Network

Muhammad Ibrahim, Muhammad Hanif, Shabir Ahmad, Faisal Jamil, Tayyaba Sehar, YunJung Lee, DoHyeun Kim
2022 Computers Materials & Continua  
The controller node correlates the entropies data of SENs and decides about the DoS or DDoS attack. So, there are two decision points, one is SEN, and another is the controller.  ...  The BEP is used for handling Blockchain-related activities and SEN could be a sensor or actuator node within the fitness IoT system.  ...  In [21], the authors described the IoT data aspects, categorized as heterogeneity, inaccuracy of sensed data, scalability, and semantics.  ... 
doi:10.32604/cmc.2022.017772 fatcat:k7klkv6dn5h4tpeyp6r3fiwk3y

Mining Function Homology of Bot Loaders from Honeypot Logs [article]

Yuhui Zhu, Zhenxiang Chen, Qiben Yan, Shanshan Wang, Enlong Li, Lizhi Peng, Chuan Zhao
2022 arXiv   pre-print
While researchers can dissect bot clients to get various information of botnets, the cloud-based and self-contained design of loaders effectively hinders researchers from understanding the loaders' evolution  ...  This paper uncovers the homology of active botnet infrastructures, providing a new prospect on finding covert relationships among cybercrimes.  ...  [13] tried mining unique strings from logs to build associations among active botnets. Tabari et al.  ... 
arXiv:2206.00385v1 fatcat:np7gvpbn2rbp3aw7exjmij2ru4

STARLORD: Linked security data exploration in a 3D graph

Laetitia Leichtnam, Eric Totel, Nicolas Prigent, Ludovic Me
2017 2017 IEEE Symposium on Visualization for Cyber Security (VizSec)  
In this paper, we present a novel modelization and visualization approach for heterogeneous sources of data. We represent our data by using a model inspired by STIX.  ...  The visualization is based on a 3D graph representation that highlights the link between malicious event and allows to focus on relevant security artifacts.  ...  It is based on a graph representation of attributes coming from heterogeneous sources and notably Threat Intelligence.  ... 
doi:10.1109/vizsec.2017.8062203 dblp:conf/vizsec/LeichtnamTPM17 fatcat:nvd44zohsjge7lftap5yi3365e

A Review on Honeypot-based Botnet Detection Models for Smart Factory

Lee Seungjin, Azween Abdullah, NZ Jhanjhi
2020 International Journal of Advanced Computer Science and Applications  
It is then used for analysis by machine learning. As a result, responding actions are generated to act against the botnet attack.  ...  Notably, a comparative analysis of the effectiveness of honeypot detection in various applications is accomplished and the application of honey in the smart factories is reviewed.  ...  At the data application layer, the cloud platform should be able to perform semantic analysis of various data.  ... 
doi:10.14569/ijacsa.2020.0110654 fatcat:zkyul4cij5g37mnorccqf7b6xm

A Two-Level Flow-Based Anomalous Activity Detection System for IoT Networks

Imtiaz Ullah, Qusay H. Mahmoud
2020 Electronics  
Flow-based features extracted from the IoT Botnet dataset and various machine learning algorithms were investigated and tested via different cross-fold validation tests to select the best algorithm.  ...  Our proposed model constructed on flow-based features of the IoT network. Flow-based detection methodologies only inspect packet headers to classify the network traffic.  ...  Dataset information comes from three sources: CPU/memory usage, low-level system information or user command, and network data packets.  ... 
doi:10.3390/electronics9030530 fatcat:qe6krxv3kzgivghdfprupmrlsy

SoK: Applying Machine Learning in Security - A Survey [article]

Heju Jiang, Jasvir Nagra, Parvez Ahammad
2016 arXiv   pre-print
Based on our survey, we also suggest a point of view that treats security as a game theory problem instead of a batch-trained ML problem.  ...  In this paper, we systematically study the methods, algorithms, and system designs in academic publications from 2008-2015 that applied ML in security domains. 98 percent of the surveyed papers appeared  ...  We survey cutting-edge research on applied ML in security, and provide a high-level overview taxonomy of ML paradigms and security domains. 2.  ... 
arXiv:1611.03186v1 fatcat:hfvc5hhu7ze77lrnjufslcg6gm

Security trends in Internet of Things: a survey

Rachit, Shobha Bhatt, Prakash Rao Ragiri
2021 SN Applied Sciences  
A security-specific comparative analysis of protocols, standards, and proffered security models are presented as per IoT security requirements.  ...  This study elicits the need for standardization at the communication and data audit level, which exposes the hardware, software, and data to various threats and attacks.  ...  of active data gathering in which critical system info is captured and later utilized for attacks like botnet attack.  ... 
doi:10.1007/s42452-021-04156-9 fatcat:46srogfggjhndgeuy6lqyllsxq

Tweet-Based Bot Detection Using Big Data Analytics

Abdelouahid Derhab, Rahaf Alawwad, Khawlah Dehwah, Noshina Tariq, Farrukh Aslam Khan, Jalal Al-Muhtadi
2021 IEEE Access  
ACKNOWLEDGMENT The authors extend their sincere appreciation to the Deanship of Scientific Research at King Saud University, Saudi Arabia, for funding this work through the Research Group No. RGP-214.  ...  [68] proposed a heterogeneous stacking-based ensemble learning framework, which consists of two main modules: a base module and a combined module.  ...  In particular, shallow (conventional) and deep learning techniques have received considerable attention from the academia and industry due to their success in dealing with heterogeneous and complex data  ... 
doi:10.1109/access.2021.3074953 fatcat:n4womre6cbdddbe5oeqrivn4hy