Name
Abstract | ||
|---|---|---|
With large scale botnets emerging as one of the major current threats, the automatic detection of botnet traffic is of high importance for service providers and large campus network monitoring. Faced with high speed network connections, detecting botnets must be efficient and accurate. This paper proposes a novel approach for this task, where NetFlow related data is correlated and a host dependency model is leveraged for advanced data mining purposes. We extend the popular linkage analysis algorithm PageRank [27] with an additional clustering process in order to efficiently detect stealthy botnets using peer-to-peer communication infrastructures and not exhibiting large volumes of traffic. The key conceptual component in our approach is to analyze communication behavioral patterns and to infer potential botnet activities. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1007/978-3-642-20757-0_1 | Networking (1) |
Keywords | Field | DocType |
high speed network connection,stealthy botnets,high importance,advanced data mining purpose,large volume,communication behavioral pattern,large campus network monitoring,botnet traffic,large scale,netflow related data,botnets,linkage analysis,network security,data mining,network monitoring,relational data,service provider | Behavioral pattern,PageRank,Campus network,Botnet,Computer science,NetFlow,Computer security,Network security,Computer network,Service provider,Cluster analysis | Conference |
Volume | ISSN | Citations |
6640 | 0302-9743 | 54 |
PageRank | References | Authors |
1.93 | 32 | 4 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jérôme François | 1 | 170 | 21.81 |
| Shaonan Wang | 2 | 75 | 4.90 |
| Radu State | 3 | 623 | 86.87 |
| Thomas Engel | 4 | 538 | 59.08 |