A Novel Ensemble Anomaly based Approach for Command and Control Channel Detection

Cited by: 3
Authors
Chen, Tao [1]
Zhou, Guangming [2]
Liu, Zhangpu [3, 4]
Jing, Tao [5]
Affiliations
[1] Informat Ctr 2, POB 1711, Beijing, Peoples R China
[2] China Natl Salt Ind Grp Co Ltd, Beijing, Peoples R China
[3] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
[4] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
[5] Chinese Acad Sci, Off Gen Affairs, 52 Sanlihe Rd, Beijing, Peoples R China
Source
2020 4TH INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY, SECURITY AND PRIVACY (ICCSP 2020) | 2020
Keywords
Network Security; Botnet; C&C Channel; Network Behavior;
DOI
10.1145/3377644.3377652
Chinese Library Classification
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
The C&C Channel is an indispensable characteristic of a botnet. Recognizing and blocking the C&C Channel is of great importance to eliminate the threats of botnets. To overcome the limitation of major behavior based methods, we propose a new ensemble anomaly based approach, which only uses the normal traffic for training. It consists of two detectors which profile and analyze the behavior deviations from different aspects. It has the advantages of reducing the false alarms of traditional anomaly detectors and improving the detection performance. We evaluated it on 5 different datasets and achieved good detection performance.
Pages: 74 - 78
Page count: 5
Related papers
50 in total
  • [1] Unsupervised and Ensemble-based Anomaly Detection Method for Network Security
    Yang, Donghun
    Hwang, Myunggwon
    2022-14TH INTERNATIONAL CONFERENCE ON KNOWLEDGE AND SMART TECHNOLOGY (KST 2022), 2022, : 75 - 79
  • [2] ENAD: An Ensemble Framework for Unsupervised Network Anomaly Detection
    Liao, Jingyi
    Teo, Sin G.
    Kundu, Partha Pratim
    Tram Truong-Huu
    PROCEEDINGS OF THE 2021 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2021, : 81 - 88
  • [3] Mateen: Adaptive Ensemble Learning for Network Anomaly Detection
    Alotaibi, Fahad
    Maffeis, Sergio
    PROCEEDINGS OF 27TH INTERNATIONAL SYMPOSIUM ON RESEARCH IN ATTACKS, INTRUSIONS AND DEFENSES, RAID 2024, 2024, : 215 - 234
  • [4] EnClass: Ensemble-based Classification Model for Network Anomaly Detection in Massive Datasets
    Garg, Sahil
    Singh, Amritpal
    Batra, Shalini
    Kumar, Neeraj
    Obaidat, M. S.
    GLOBECOM 2017 - 2017 IEEE GLOBAL COMMUNICATIONS CONFERENCE, 2017,
  • [5] An outlier ensemble for unsupervised anomaly detection in honeypots data
    Boukela, Lynda
    Zhang, Gongxuan
    Bouzefrane, Samia
    Zhou, Junlong
    INTELLIGENT DATA ANALYSIS, 2020, 24 (04) : 743 - 758
  • [6] Anomaly Detection Approach Based on Deep Neural Network and Dropout
    Hussien, Zaid Khalaf
    Dhannoon, Ban N.
    BAGHDAD SCIENCE JOURNAL, 2020, 17 (02) : 701 - 709
  • [7] A novel LDoS attack detection method based on reconstruction anomaly
    Tang, Dan
    Yan, Yudong
    Dai, Rui
    Qin, Zheng
    Chen, Jingwen
    Zhang, Dongshuo
    CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 2022, 25 (02) : 1373 - 1392
  • [8] A novel LDoS attack detection method based on reconstruction anomaly
    Dan Tang
    Yudong Yan
    Rui Dai
    Zheng Qin
    Jingwen Chen
    Dongshuo Zhang
    Cluster Computing, 2022, 25 : 1373 - 1392
  • [9] A novel approach to intrusion detection using SVM ensemble with feature augmentation
    Gu, Jie
    Wang, Lihong
    Wang, Huiwen
    Wang, Shanshan
    COMPUTERS & SECURITY, 2019, 86 : 53 - 62
  • [10] Network Traffic Anomaly Detection Based on Spatiotemporal Feature Extraction and Channel Attention
    Ji, Changpeng
    Yu, Haofeng
    Dai, Wei
    PROCESSES, 2024, 12 (07)