Detecting Botnet Traffic from a Single Host

Sebastián García, Alejandro Zunino, Marcelo Campo
Copyright: © 2015 | Pages: 21
ISBN13: 9781466673816 | ISBN10: 1466673818 | EISBN13: 9781466673823
DOI: 10.4018/978-1-4666-7381-6.ch019

MLA

García, Sebastián, et al. "Detecting Botnet Traffic from a Single Host." Handbook of Research on Emerging Developments in Data Privacy, edited by Manish Gupta, IGI Global, 2015, pp. 426-446. https://doi.org/10.4018/978-1-4666-7381-6.ch019

APA

García, S., Zunino, A., & Campo, M. (2015). Detecting Botnet Traffic from a Single Host. In M. Gupta (Ed.), Handbook of Research on Emerging Developments in Data Privacy (pp. 426-446). IGI Global. https://doi.org/10.4018/978-1-4666-7381-6.ch019

Chicago

García, Sebastián, Alejandro Zunino, and Marcelo Campo. "Detecting Botnet Traffic from a Single Host." In Handbook of Research on Emerging Developments in Data Privacy, edited by Manish Gupta, 426-446. Hershey, PA: IGI Global, 2015. https://doi.org/10.4018/978-1-4666-7381-6.ch019

Abstract

The detection of bots and botnets in the network may be improved if the analysis is done on the traffic of one bot alone. While a botnet may be detected by correlating the behavior of several bots in a large amount of traffic, one bot alone can be detected by analyzing its unique trends in less traffic. The algorithms to differentiate the traffic of one bot from the normal traffic of one computer may take advantage of these differences. The authors propose to detect bots in the network by analyzing the relationships between flow features in a time window. The technique is based on the Expectation-Maximization clustering algorithm. To verify the method they designed test-beds and obtained a dataset of six different captures. The results are encouraging, showing a true positive error rate of 99.08% with a false positive error rate of 0.7%.
