Feature selection for detection of peer-to-peer botnet traffic

Authors:
Pratik Narang;Jagan Mohan Reddy;Chittaranjan Hota
Affiliations:
Birla Institute of Technology and Science-Pilani, Hyderabad Campus, Shameerpet, R.R. District, A.P., India;Birla Institute of Technology and Science-Pilani, Hyderabad Campus, Shameerpet, R.R. District, A.P., India;Birla Institute of Technology and Science-Pilani, Hyderabad Campus, Shameerpet, R.R. District, A.P., India
Venue:
Proceedings of the 6th ACM India Computing Convention
Year:
2013

Citing 12
Cited 1

Consistency-based search in feature selection

Artificial Intelligence
A Bias-Variance Analysis of a Real World Learning Problem: The CoIL Challenge 2000

Machine Learning
Introduction to Data Mining, (First Edition)

Introduction to Data Mining, (First Edition)
A preliminary performance comparison of five machine learning algorithms for practical IP traffic flow classification

ACM SIGCOMM Computer Communication Review
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)

Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Detecting P2P Botnets Using a Multi-phased Flow Model

ICDS '09 Proceedings of the 2009 Third International Conference on Digital Society
A Survey of Botnet Technology and Defenses

CATCH '09 Proceedings of the 2009 Cybersecurity Applications & Technology Conference for Homeland Security
The WEKA data mining software: an update

ACM SIGKDD Explorations Newsletter
Are Your Hosts Trading or Plotting? Telling P2P File-Sharing and Bots Apart

ICDCS '10 Proceedings of the 2010 IEEE 30th International Conference on Distributed Computing Systems
Towards a Generic Feature-Selection Measure for Intrusion Detection

ICPR '10 Proceedings of the 2010 20th International Conference on Pattern Recognition
The feature selection and intrusion detection problems

ASIAN'04 Proceedings of the 9th Asian Computing Science conference on Advances in Computer Science: dedicated to Jean-Louis Lassez on the Occasion of His 5th Cycle Birthday
PeerRush: mining for unwanted p2p traffic

DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment

P2P traffic classification using ensemble learning

Proceedings of the 5th IBM Collaborative Academia Research Exchange Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

The use of anomaly-based classification of intrusions has increased significantly for Intrusion Detection Systems. Large number of training data samples and a good 'feature set' are two primary requirements to build effective classification models with machine learning algorithms. Since the amount of data available for malicious traffic will often be small compared to the available traces of benign traffic, extraction of 'good' features which enable detection of malicious traffic is a challenging area of work. This research work presents preliminary results of comparison of performance of three different feature selection algorithms - Correlation based feature selection, Consistency based subset evaluation and Principal component analysis-on three different Machine learning techniques- namely Decision trees, Naïve Bayes classifier, and Bayesian Network classifier. These algorithms are evaluated for the detection of Peer-to-Peer (P2P) based botnet traffic.