A Normalized Levenshtein Distance Metric
IEEE Transactions on Pattern Analysis and Machine Intelligence
Peer-to-peer botnets: overview and case study
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
QEST '08 Proceedings of the 2008 Fifth International Conference on Quantitative Evaluation of Systems
BotGAD: detecting botnets by capturing group activities in network traffic
Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE
A Systematic Study on Peer-to-Peer Botnets
ICCCN '09 Proceedings of the 2009 Proceedings of 18th International Conference on Computer Communications and Networks
P2P botnet detection using behavior clustering & statistical tests
Proceedings of the 2nd ACM workshop on Security and artificial intelligence
Common Neighborhood Sub-graph Density as a Similarity Measure for Community Detection
ICONIP '09 Proceedings of the 16th International Conference on Neural Information Processing: Part I
| Hi-index | 0.00 |
Botnet is becoming the biggest threat to the integrity of Internet and its resources. The advent of P2P botnets has made detection and prevention of botnets very difficult. In this paper, we propose a set of metrics for efficient botnet detection. The proposed metrics captures the unique group behavior that is inherent in bot communications. Our premise for proposing group behavior metrics for botnet detection is that, group behavior observed in botnets are unique and this unique group behavior property is inherent in the botnet architecture. The proposed group behavior metrics uses three standard network traffic characteristics, namely, topological properties, traffic pattern statistics and protocol sequence and usage to derive the proposed metrics. We derive six group behavior metrics and illustrate the efficiency of botnet detection using these metrics. It was observed that, group behavior metrics offers a promising solution for botnet detection.