Botnet Behavior Detection using Network Synchronism

García, Sebastián; Zunino, Alejandro; Campo, Marcelo

Search resources

Search among the 184346 resources available in the repository

Upload resources

Upload your works to SEDICI to increase its visibility and improve its impact

Show simple item record

dc.date.accessioned	2023-05-11T13:23:43Z
dc.date.available	2023-05-11T13:23:43Z
dc.date.issued	2010
dc.identifier.uri	http://sedici.unlp.edu.ar/handle/10915/152798
dc.description.abstract	Botnets diversity and dynamism challenge detection and classification algorithms, which depend heavily on botnets protocol and can quickly become avoidable. A more general detection method, then, was needed. We propose an analysis of their most inherent characteristics, like synchronism and network load combined with a detailed analysis of error rates. Not relying in any specific botnet technology or protocol, our classification approach sought to detect synchronic behavioral patterns in network traffic flows and clustered them based on botnets characteristics. Different botnet and normal captures were taken and a time slice approach was used to successfully separate them. Results show that botnets and normal computers traffic can be accurately detected by our approach and thus enhance detection effectiveness.	en
dc.format.extent	1739-1750	es
dc.language	en	es
dc.subject	Botnet	es
dc.subject	detection	es
dc.subject	clustering	es
dc.subject	EM algorithm	es
dc.subject	security	es
dc.title	Botnet Behavior Detection using Network Synchronism	en
dc.type	Objeto de conferencia	es
sedici.identifier.uri	http://39jaiio.sadio.org.ar/sites/default/files/39-jaiio-ast-21.pdf	es
sedici.identifier.issn	1850-2806	es
sedici.creator.person	García, Sebastián	es
sedici.creator.person	Zunino, Alejandro	es
sedici.creator.person	Campo, Marcelo	es
sedici.subject.materias	Ciencias Informáticas	es
sedici.description.fulltext	true	es
mods.originInfo.place	Sociedad Argentina de Informática e Investigación Operativa	es
sedici.subtype	Objeto de conferencia	es
sedici.rights.license	Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)
sedici.rights.uri	http://creativecommons.org/licenses/by-nc-sa/4.0/
sedici.date.exposure	2010
sedici.relation.event	Simposio Argentino de Tecnología (AST 2010) - JAIIO 39 (UADE, 30 de agosto al 3 de septiembre de 2010)	es
sedici.description.peerReview	peer-review	es

Download Files

Documento completo
Download file (156.3Kb) - PDF

External link

39jaiio.sadio.org.ar/...

This item appears in the following Collection(s)

39 Jornadas Argentinas de Informática e Investigación Operativa (JAIIO) → Simposio Argentino de Tecnología (AST 2010)

Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)

Except where otherwise noted, this item's license is described as Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)