A Novel Ensemble Anomaly based Approach for Command and Control Channel Detection

Cited by: 3
Authors
Chen, Tao [1]
Zhou, Guangming [2]
Liu, Zhangpu [3, 4]
Jing, Tao [5]
Affiliations
[1] Informat Ctr 2, POB 1711, Beijing, Peoples R China
[2] China Natl Salt Ind Grp Co Ltd, Beijing, Peoples R China
[3] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
[4] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
[5] Chinese Acad Sci, Off Gen Affairs, 52 Sanlihe Rd, Beijing, Peoples R China
Source
2020 4TH INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY, SECURITY AND PRIVACY (ICCSP 2020) | 2020
Keywords
Network Security; Botnet; C&C Channel; Network Behavior;
DOI
10.1145/3377644.3377652
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
The C&C Channel is an indispensable characteristic of a botnet. Recognizing and blocking the C&C Channel is of great importance to eliminate the threats of botnets. To overcome the limitation of major behavior based methods, we propose a new ensemble anomaly based approach, which only uses the normal traffic for training. It consists of two detectors which profile and analyze the behavior deviations from different aspects. It has the advantages of reducing the false alarms of traditional anomaly detectors and improving the detection performance. We evaluated it on 5 different datasets and achieved good detection performance.
Pages: 74 - 78
Number of pages: 5
Related papers
50 in total
  • [41] NovelADS: A Novel Anomaly Detection System for Intra-Vehicular Networks
    Agrawal, Kushagra
    Alladi, Tejasvi
    Agrawal, Ayush
    Chamola, Vinay
    Benslimane, Abderrahim
    IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, 2022, 23 (11) : 22596 - 22606
  • [42] ADTCD: An Adaptive Anomaly Detection Approach Toward Concept Drift in IoT
    Xu, Lijuan
    Ding, Xiao
    Peng, Haipeng
    Zhao, Dawei
    Li, Xin
    IEEE INTERNET OF THINGS JOURNAL, 2023, 10 (18) : 15931 - 15942
  • [43] Scalable Command and Control Detection in Log Data through UF-ICF Analysis
    Hong, Kai-Fong
    Chen, Chien-Chih
    Chiu, Yu-Ting
    Chou, Kuo-Sen
    49TH ANNUAL IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST), 2015, : 293 - 298
  • [44] A Novel Sequence Tensor Recovery Algorithm for Quick and Accurate Anomaly Detection
    Huang, Wenbin
    Xie, Kun
    Li, Jie
    IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING, 2022, 9 (05) : 3531 - 3545
  • [45] A Novel Approach of Botnets Detection Based on Analyzing Dynamical Network Traffic Behavior
    Nazari M.
    Dahmardeh Z.
    Aliabady S.
    SN Computer Science, 2021, 2 (4)
  • [46] Anomaly Detection in Smart Grids based on Software Defined Networks
    Jung, Oliver
    Smith, Paul
    Magin, Julian
    Reuter, Lenhard
    PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON SMART CITIES AND GREEN ICT SYSTEMS (SMARTGREENS), 2019, : 157 - 164
  • [47] An Anomaly Detection System based on Hide Markov Model for MANET
    Ye, Xia
    Li, Junshan
    Li, Yanling
    2010 6TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS NETWORKING AND MOBILE COMPUTING (WICOM), 2010,
  • [48] A novel Machine Learning-based approach for the detection of SSH botnet infection
    Martinez Garre, Jose Tomas
    Gil Perez, Manuel
    Ruiz-Martinez, Antonio
    FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2021, 115 : 387 - 396
  • [49] A survey of deep learning-based network anomaly detection
    Donghwoon Kwon
    Hyunjoo Kim
    Jinoh Kim
    Sang C. Suh
    Ikkyun Kim
    Kuinam J. Kim
    Cluster Computing, 2019, 22 : 949 - 961
  • [50] THE DYNAMIC ALGORITHM OF THE DATA PACKETS BASED ON THE NETWORK ANOMALY DETECTION
    Li, Min
    Zhang, Mian
    INTERNATIONAL SYMPOSIUM ON COMPUTER SCIENCE & TECHNOLOGY, PROCEEDINGS, 2009, : 168 - 170