Methods to speed up error back-propagation learning algorithm
ACM Computing Surveys (CSUR)
A Neural Network Component for an Intrusion Detection System
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Protocol Analysis in Intrusion Detection Using Decision Tree
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Normalization as a Preprocessing Engine for Data Mining and the Approach of Preference Matrix
DEPCOS-RELCOMEX '06 Proceedings of the International Conference on Dependability of Computer Systems
An algorithm for anomaly-based botnet detection
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Wide-scale botnet detection and characterization
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Rishi: identify bot contaminated hosts by IRC nickname evaluation
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
DDoS Attack Detection Based on RLT Features
CIS '07 Proceedings of the 2007 International Conference on Computational Intelligence and Security
SS'08 Proceedings of the 17th conference on Security symposium
Framework for Zombie Detection Using Neural Networks
ICIMP '09 Proceedings of the 2009 Fourth International Conference on Internet Monitoring and Protection
Comparison of BPL and RBF network in intrusion detection system
RSFDGrC'03 Proceedings of the 9th international conference on Rough sets, fuzzy sets, data mining, and granular computing
A Botnet Detection System Based on Neural Networks
ICDT '10 Proceedings of the 2010 Fifth International Conference on Digital Telecommunications
Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Random-Forests-Based Network Intrusion Detection Systems
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
| Hi-index | 0.00 |
Botnets have become a rampant platform for malicious attacks, which poses a significant threat to internet security. The recent botnets have begun using common protocols such as HTTP which makes it even harder to distinguish their communication patterns. Most of the HTTP bot communications are based on TCP connections. In this work some TCP related features have been identified for the detection of HTTP botnets. With these features a Multi-Layer Feed Forward Neural Network training model using Bold Driver Back-propagation learning algorithm is created. The algorithm has the advantage of dynamically changing the learning rate parameter during weight updation process. Using this approach, Spyeye and Zeus botnets are efficiently identified. A comparison of the actively trained neural network model with a C4.5 Decision Tree, Random Forest and Radial Basis Function indicated that the actively learned neural network model has better identification accuracy with less false positives.