Botnet detection using graph based feature clustering
<p>Detecting botnets in a network is crucial because bot-activities impact numerous areas such as security, finance, health care, and law enforcement. Most existing rule and flow-based detection methods may not be capable of detecting bot-activities in an efficient manner. Hence, designing a r...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | en |
| Published: |
MSSTATE
2018
|
| Subjects: | |
| Online Access: | http://sun.library.msstate.edu/ETD-db/theses/available/etd-10202017-112646/ |
| id |
ndltd-MSSTATE-oai-library.msstate.edu-etd-10202017-112646 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-MSSTATE-oai-library.msstate.edu-etd-10202017-1126462019-05-15T18:44:00Z Botnet detection using graph based feature clustering Akula, Ravi Kiran Industrial and Systems Engineering <p>Detecting botnets in a network is crucial because bot-activities impact numerous areas such as security, finance, health care, and law enforcement. Most existing rule and flow-based detection methods may not be capable of detecting bot-activities in an efficient manner. Hence, designing a robust botnet-detection method is of high significance. In this study, we propose a botnet-detection methodology based on graph-based features. Self-Organizing Map is applied to establish the clusters of nodes in the network based on these features. Our method is capable of isolating bots in small clusters while containing most normal nodes in the big-clusters. A filtering procedure is also developed to further enhance the algorithm efficiency by removing inactive nodes from bot detection. The methodology is verified using real-world CTU-13 and ISCX botnet datasets and benchmarked against classification-based detection methods. The results show that our proposed method can efficiently detect the bots despite their varying behaviors.</p> Linkan Bian Marufuzzaman Mohammad Medal, Hugh R. MSSTATE 2018-05-07 text application/pdf http://sun.library.msstate.edu/ETD-db/theses/available/etd-10202017-112646/ http://sun.library.msstate.edu/ETD-db/theses/available/etd-10202017-112646/ en unrestricted I hereby certify that, if appropriate, I have obtained and attached hereto a written permission statement from the owner(s) of each third party copyrighted matter to be included in my thesis, Dissertation, or project report, allowing distribution as specified below. I certify that the version I submitted is the same as that approved by my advisory committee. I hereby grant to Mississippi State University Libraries or its agents the non-exclusive license to archive and make accessible, under the conditions specified below, my thesis, Dissertation, or project report in whole or in part in all forms of media, now or hereafter known. I retain all other ownership rights to the copyright of the thesis, Dissertation or project report. I also retain the right to use in future works (such as articles or books) all or part of this thesis, Dissertation, or project report. |
| collection |
NDLTD |
| language |
en |
| format |
Others
|
| sources |
NDLTD |
| topic |
Industrial and Systems Engineering |
| spellingShingle |
Industrial and Systems Engineering Akula, Ravi Kiran Botnet detection using graph based feature clustering |
| description |
<p>Detecting botnets in a network is crucial because bot-activities impact numerous areas such as security, finance, health care, and law enforcement. Most existing rule and flow-based detection methods may not be capable of detecting bot-activities in an efficient manner. Hence, designing a robust botnet-detection method is of high significance. In this study, we propose a botnet-detection methodology based on graph-based features. Self-Organizing Map is applied to establish the clusters of nodes in the network based on these features. Our method is capable of isolating bots in small clusters while containing most normal nodes in the big-clusters. A filtering procedure is also developed to further enhance the algorithm efficiency by removing inactive nodes from bot detection. The methodology is verified using real-world CTU-13 and ISCX botnet datasets and benchmarked against classification-based detection methods. The results show that our proposed method can efficiently detect the bots despite their varying behaviors.</p> |
| author2 |
Linkan Bian |
| author_facet |
Linkan Bian Akula, Ravi Kiran |
| author |
Akula, Ravi Kiran |
| author_sort |
Akula, Ravi Kiran |
| title |
Botnet detection using graph based feature clustering |
| title_short |
Botnet detection using graph based feature clustering |
| title_full |
Botnet detection using graph based feature clustering |
| title_fullStr |
Botnet detection using graph based feature clustering |
| title_full_unstemmed |
Botnet detection using graph based feature clustering |
| title_sort |
botnet detection using graph based feature clustering |
| publisher |
MSSTATE |
| publishDate |
2018 |
| url |
http://sun.library.msstate.edu/ETD-db/theses/available/etd-10202017-112646/ |
| work_keys_str_mv |
AT akularavikiran botnetdetectionusinggraphbasedfeatureclustering |
| _version_ |
1719086251089330176 |