A Framework on botnet detection and forensics

Singh, Harvinder; Bijalwan, Anchit

doi:10.15439/2017r28

Cited by 2 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Various detection methods have been proposed by researchers in literature to detect botnets. Based on literature [14], there are three major methods of botnet detection such as host-based detection, honeynet detection and network-based detection. Recently, machine learning based detection has become the most widely used for detecting botnets methods as proven by previous literature [15], [16], [4], [5].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Muhammad,

Ismail,

Hassan

2024

IJACSA

View full text Add to dashboard Cite

In the dynamic landscape of evolving cyber threats, Security Operations Centers (SOCs) play an important role in protecting digital assets. Among these threats, botnets are particularly challenging due to their ability to take over many devices and launch coordinated attacks. Through comparative analysis, the research gaps in existing frameworks have been identified. Based on these insights, a botnet detection and incident response framework aligned with SOC practices has been proposed. This proposed framework emphasizes proactive measures by integrating threat intelligence, detection and monitoring tools to detect botnet attack and facilitate rapid response. Future research will focus on conducting evaluation and validation studies to assess the effectiveness and performance of the framework in controlled environments. This effort will contribute to develop the framework and ensuring it aligns with practical cybersecurity needs.

show abstract

Section: Related Workmentioning

confidence: 99%

“…In study [14] the authors introduced a botnet detection framework based on comparative analyses from previous research, focusing primarily on effective measures for detection. However, this framework lacks emphasis on earlystage prevention.…”

Section: A Botnet Detection Frameworkmentioning

confidence: 99%

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Muhammad,

Ismail,

Hassan

2024

IJACSA

View full text Add to dashboard Cite

show abstract

“…1) Benign (Normal) 2) Mirai malware attack 3) Gafgyt Malware attack Figure 5 comparison of the Provision_PT_737E Security Camera IoT device's performance evaluation findings may be understandable given that it is based on Gafgyt botnet attacks which are predicted based on above Table 1 to Table 4. We have discussed these findings on the Gafgyt botnet and its attacks using the three classifiers Logistic regression (LR) [25], Random Forest (RF) [26], and proposed XGBoost. In this bar graph, each pair of colors represents a combination of the several performance indices that were used in this study.…”

Section: Precision = Tp (Tp + Fp)mentioning

confidence: 99%

Implementation of Blockchain with Machine Learning Intrusion Detection System for Defending IoT Botnet and Cloud Networks

Siddamsetti¹,

Srivenkatesh²

2022

ISI

View full text Add to dashboard Cite

Significant research has been done on combining intrusion detection and blockchain to increase data privacy and find both current and future threats. This research suggests a machine blockchain framework (MBF) in order to provide distributed intrusion detection with security and blockchain with privacy with the help of smart contracts in IoT networks. An XGBoost algorithm was implemented to work with sequential network data and the intrusion detection approach is explored using the N-BaIoT dataset. In order to protect the network against known malware threats (Mirai, Gafgyt, or Bashlite), the IoT malware attack prediction model created in this study offers a deterrent strategy based on the network traffic statistics. On the other hand, the models need to be taught to recognize new varieties of malware. In this work, we observe how different machine learning models, like Random Forest algorithm and proposed XGBoost algorithm, can accurately predict the infected malware in certain traffic instance. However, we provide a honeypot-based strategy that employs machine learning techniques for the detection of malware in this study. Using data from an IoT Botnet as a dataset helps train a machine learning model in a way that is effective and changes over time.

show abstract

A Framework on botnet detection and forensics

Cited by 2 publications

References 9 publications

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Botnet Detection and Incident Response in Security Operation Center (SOC): A Proposed Framework

Implementation of Blockchain with Machine Learning Intrusion Detection System for Defending IoT Botnet and Cloud Networks

Contact Info

Product

Resources

About