A Proposal of Metrics for Botnet Detection Based on Its Cooperative Behavior

Authors:
Mitsuaki Akiyama;Takanori Kawamoto;Masayoshi Shimamura;Teruaki Yokoyama;Youki Kadobayashi;Suguru Yamaguchi
Affiliations:
Nara Institute of Science and Technology, Japan;Nara Institute of Science and Technology, Japan;Nara Institute of Science and Technology, Japan;Nara Institute of Science and Technology, Japan;Nara Institute of Science and Technology, Japan;Nara Institute of Science and Technology, Japan
Venue:
SAINT-W '07 Proceedings of the 2007 International Symposium on Applications and the Internet Workshops
Year:
2007

Citing 0
Cited 13

Overview of AI3 network: design and applications of satellite network

Proceedings of the 2007 workshop on Networked systems for developing regions
Automatic discovery of botnet communities on large-scale communication networks

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Hardening Botnet by a Rational Botmaster

Information Security and Cryptology
BotCop: An Online Botnet Traffic Classifier

CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
Anomaly-Based Detection of IRC Botnets by Means of One-Class Support Vector Classifiers

ICIAP '09 Proceedings of the 15th International Conference on Image Analysis and Processing
Botnet: classification, attacks, detection, tracing, and preventive measures

ICICIC '09 Proceedings of the 2009 Fourth International Conference on Innovative Computing, Information and Control
Clustering botnet communication traffic based on n-gram feature selection

Computer Communications
Agent-based simulation of cooperative defence against botnets

Concurrency and Computation: Practice & Experience
Botnets: a heuristic-based detection framework

Proceedings of the Fifth International Conference on Security of Information and Networks
Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service

Proceedings of the 28th Annual Computer Security Applications Conference
Botnet detection based on non-negative matrix factorization and the MDL principle

ICONIP'12 Proceedings of the 19th international conference on Neural Information Processing - Volume Part V
Simulation-based study of botnets and defense mechanisms against them

Journal of Computer and Systems Sciences International
Leveraging honest users: stealth command-and-control of botnets

WOOT'13 Proceedings of the 7th USENIX conference on Offensive Technologies

Quantified Score

Hi-index	0.01

Visualization

Abstract

In this paper, we propose three metrics for detecting botnets through analyzing their behavior. Our social infrastructure (i.e., the Internet) is currently experiencing the danger of bots' malicious activities as the scale of botnets increases. Although it is imperative to detect botnet to help protect computers from attacks, effective metrics for botnet detection have not been adequately researched. In this work we measure enormous amounts of traffic passing through the Asian Internet Interconnection Initiatives (AIII) infrastructure. To validate the effectiveness of our proposed metrics, we analyze measured traffic in three experiments. The experimental results reveal that our metrics are applicable for detecting botnets, but further research is needed to refine their performance.