Yin, 2014 - Google Patents
Towards Accurate Node‐Based Detection of P2P BotnetsYin, 2014
View PDF- Document ID
- 4753782624798819904
- Author
- Yin C
- Publication year
- Publication venue
- The Scientific World Journal
External Links
Snippet
Botnets are a serious security threat to the current Internet infrastructure. In this paper, we propose a novel direction for P2P botnet detection called node‐based detection. This approach focuses on the network characteristics of individual nodes. Based on our model …
- 238000001514 detection method 0 title abstract description 98
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2697—Testing equipment; Routine testing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/58—Message switching systems, e.g. electronic mail systems
- H04L12/585—Message switching systems, e.g. electronic mail systems with filtering and selective blocking capabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/104—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks
- H04L67/1042—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks involving topology management mechanisms
- H04L67/1044—Group management mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5601—Transfer mode dependent, e.g. ATM
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/10—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network
- H04L67/104—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks
- H04L67/1087—Network-specific arrangements or communication protocols supporting networked applications in which an application is distributed across nodes in the network for peer-to-peer [P2P] networking; Functionalities or architectural details of P2P networks involving cross functional networking aspects
- H04L67/1093—Some peer nodes performing special functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Eskandari et al. | Passban IDS: An intelligent anomaly-based intrusion detection system for IoT edge devices | |
| Lima Filho et al. | Smart detection: an online approach for DoS/DDoS attack detection using machine learning | |
| Zhao et al. | Botnet detection based on traffic behavior analysis and flow intervals | |
| Zhao et al. | Peer to peer botnet detection based on flow intervals | |
| Ahmed et al. | Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking | |
| Yin | Towards Accurate Node‐Based Detection of P2P Botnets | |
| Stevanovic et al. | Machine learning for identifying botnet network traffic | |
| Alaidaros et al. | An overview of flow-based and packet-based intrusion detection performance in high speed networks | |
| Dhayal et al. | Botnet and p2p botnet detection strategies: a review | |
| Kheir et al. | Botsuer: Suing stealthy p2p bots in network traffic through netflow analysis | |
| Haddadi et al. | DoS-DDoS: taxonomies of attacks, countermeasures, and well-known defense mechanisms in cloud environment | |
| Narang et al. | PeerShark: flow-clustering and conversation-generation for malicious peer-to-peer traffic identification | |
| Shanthi et al. | Detection of botnet by analyzing network traffic flow characteristics using open source tools | |
| Seo et al. | A study on efficient detection of network-based IP spoofing DDoS and malware-infected Systems | |
| Siddiqui et al. | Survey on unified threat management (UTM) systems for home networks | |
| Haddadi et al. | Botnet behaviour analysis: How would a data analytics‐based system with minimum a priori information perform? | |
| Garg et al. | Scalable P2P bot detection system based on network data stream | |
| Hsu et al. | Detecting Web‐Based Botnets Using Bot Communication Traffic Features | |
| Khosravifar et al. | An experience improving intrusion detection systems false alarm ratio by using honeypot | |
| Alizadeh et al. | Traffic classification for managing applications’ networking profiles | |
| Alauthman | An efficient approach to online bot detection based on a reinforcement learning technique | |
| Wang et al. | Identifying peer-to-peer botnets through periodicity behavior analysis | |
| Kheir et al. | Behavioral fine-grained detection and classification of P2P bots | |
| Abaid et al. | Early detection of in-the-wild botnet attacks by exploiting network communication uniformity: An empirical study | |
| Lavaur et al. | Federated learning as enabler for collaborative security between not fully-trusting distributed parties |