Architecture for Applying Data Mining and Visualization on Network Flow for Botnet Traffic Detection

Shahrestani, Alireza; Feily, Maryam; Ahmad, Rodina; Ramadass, Sureswaran

doi:10.1109/icctd.2009.82

Cited by 24 publications

(14 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In fact, anomaly detectors may deploy different methods such as statistical methods, data-mining methods, Artificial Neural Networks (ANN) and Support Vector Machines (SVM) [8]. Data mining and visualization are combined in [9] to propose a flow-based botnet detection system. Statistical techniques are deployed in another paper to provide real-time anomaly detection in network flows in a controlled environment [10].…”

Section: Introductionmentioning

confidence: 99%

Metaheuristic algorithms based Flow Anomaly Detector

Jadidi

Muthukkumarasamy

Sithirasenan

2013

2013 19th Asia-Pacific Conference on Communications (APCC)

View full text Add to dashboard Cite

Increasing throughput of modern high-speed networks needs accurate real-time Intrusion Detection System (IDS). A traditional packet-based Network IDS (NIDS) is timeintensive as it inspects all packets. A flow-based anomaly detector addresses scalability issues by monitoring only packet headers.This method is capable of detecting unknown attacks in high speed networks. An Artificial Neural Network (ANN) is employed in this research to detect anomalies in flow-based traffic. Metaheuristic optimization algorithms have the potential to achieve global optimal solution. In this paper, two metaheuristic algorithms, Cuckoo and PSOGSA, are examined to optimize the interconnection weights of a Multi-Layer Perceptron (MLP) neural network. This optimized MLP is evaluated with two different flow-based data sets. We then compare the performance of these algorithms. The results show that Cuckoo and PSOGSA algorithms enable high accuracy in classifying benign and malicious flows. However, the Cuckoo has lower training time.

show abstract

Section: Introductionmentioning

confidence: 99%

Metaheuristic algorithms based Flow Anomaly Detector

Jadidi

Muthukkumarasamy

Sithirasenan

2013

2013 19th Asia-Pacific Conference on Communications (APCC)

View full text Add to dashboard Cite

show abstract

“…Clustering algorith ms divide the entire data set into subgroups or clusters containing relatively identical features. Thus, clustering provides some significant advantages over the classification techniques, since it does not require a labeled data set for training [12]. To find particu lar pattern fro m large dataset is known as aggregation method, collecting and analyzing several types of records from different channels simu ltaneously.…”

Section: Botnet Detecti On Techni Quesmentioning

confidence: 99%

“…Therefore, it is not an appropriate approach to detect new attacks [12]. Clustering is a well-known data mining technique where data points are clustered together based on their feature values and a similarity metric.…”

Section: Botnet Detecti On Techni Quesmentioning

confidence: 99%

“…might compare arrival time. These kinds of algorith ms utilize the characteristic values as inputs into one or more functions to create a metric used to decide if the flows are correlated [12].…”

Section: Botnet Detecti On Techni Quesmentioning

confidence: 99%

“…It enables to extract sufficient data for analysis fro m network log file. Most useful data mining techniques includes correlation, classification, clustering, statistical analysis, and aggregation for efficiently knowledge discovery about network flows [12].…”

Section: Botnet Detecti On Techni Quesmentioning

confidence: 99%

See 2 more Smart Citations

Botnet and Detection Techniques: A Review

2015

IJAERD

View full text Add to dashboard Cite

Abstract-Among the diverse forms of mal w are, Botnet is the most w idespread and serious threat which occurs commonly in today's cyberattacks. A botnet is a group of compromised computers whi ch are remotely controlled by attacker to launch various network attacks, such as DDoS attack, spam, click fraud, identity theft and information phishing. Botnet has become a popular and productive tool behind many cyberattacks. The defining characteristic of botnets i s the use of command and control channels through which they can be updated and di rected. Recently malicious botnets evol ve into HTTP botnets out of typi cal IRC botnets. Data mining algorithms allow us to automate d etecting characteristics from large amount of data, which the conventional heuri stics and signature based methods could not apply.

show abstract

A Comprehensive Review on Text Classification and Text Mining Techniques Using Spam Dataset Detection

Siddiqui

Amer

2023

Mathematics and Computer Science Volume 2

View full text Add to dashboard Cite

Architecture for Applying Data Mining and Visualization on Network Flow for Botnet Traffic Detection

Cited by 24 publications

References 8 publications

Metaheuristic algorithms based Flow Anomaly Detector

Metaheuristic algorithms based Flow Anomaly Detector

Botnet and Detection Techniques: A Review

A Comprehensive Review on Text Classification and Text Mining Techniques Using Spam Dataset Detection

Contact Info

Product

Resources

About