Botnet Detection Technology Based on the On-line Error Model

Times cited: 0
Authors
Zhu, Xuan Zhang [1]
Li, Ya Fei [1]
Affiliation
[1] Hunan Univ Sci & Engn, Ctr Educ Technol, Yongzhou, Hunan, Peoples R China
Source
PROCEEDINGS OF 2012 2ND INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND NETWORK TECHNOLOGY (ICCSNT 2012) | 2012
Keywords
botnet; online failure; machine learning; Network management;
DOI
Not available
Chinese Library Classification
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Botnets are a serious information security problem in today's networks. How to effectively find victim hosts and how to free them from the control of the botnet has become an urgent problem in current network security. This paper uses network online failures to distinguish normal traffic, P2P traffic, and traffic infected by the botnet. Relevant feature values are extracted by observing the normal traffic, the P2P traffic, and the online failures from the botnet intranet to the outside network, and these feature values are then used to build a detection model through machine learning. The detection model can distinguish the different kinds of traffic.
Pages: 1801 / 1806
Page count: 6