Self-adaptive System for the Corporate Area Network Resilience in the Presence of Botnet Cyberattacks

Lysenko, Sergii; Savenko, Oleg; Bobrovnikova, Kira; Kryshchuk, Andrii

doi:10.1007/978-3-319-92459-5_31

Cited by 13 publications

(9 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on the gathered Internet traffic features inherent to cyberattacks, the BotGRABBER system was able to produce the security scenarios according to cyberattacks performed by botnets in order to mitigate the attacks and ensure the network's resilient functioning. The proposed approach used the semi-supervised fuzzy c-means clustering, where the objects of clustering were the feature vectors which elements may indicate the appearance of cyber threats in the corporate area networks [25]. This paper presents the approach for the botnet detection of the low rate DDoS attacks via the BotGRABBER system.…”

Section: Results and Analysismentioning

confidence: 99%

“…and are clustered and a result of the clustering is the assignment of each feature vector to a cluster, which is corresponding to a given cyberattack. The low-rate DDoS attacks identification based on the traffic self-similarity analysis is the part of botnets detection process performed by a self-adaptive system-BotGRABBER system [25]. It presents the framework for assuring the networks' resilience under the botnets' cyberattacks.…”

Section: The Proposed Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Detection of the botnets’ low-rate DDoS attacks based on self-similarity

Lysenko¹,

Bobrovnikova²,

Matiukh³

et al. 2020

IJECE

Self Cite

View full text Add to dashboard Cite

An article presents the approach for the botnets’ low-rate a DDoS-attacks detection based on the botnet’s behavior in the network. Detection process involves the analysis of the network traffic, generated by the botnets’ low-rate DDoS attack. Proposed technique is the part of botnets detection system – BotGRABBER system. The novelty of the paper is that the low-rate DDoS-attacks detection involves not only the network features, inherent to the botnets, but also network traffic self-similarity analysis, which is defined with the use of Hurst coefficient. Detection process consists of the knowledge formation based on the features that may indicate low-rate DDoS attack performed by a botnet; network monitoring, which analyzes information obtained from the network and making conclusion about possible DDoS attack in the network; and the appliance of the security scenario for the corporate area network’s infrastructure in the situation of low-rate attacks.

show abstract

Section: Results and Analysismentioning

confidence: 99%

Section: The Proposed Methodsmentioning

confidence: 99%

Detection of the botnets’ low-rate DDoS attacks based on self-similarity

Lysenko¹,

Bobrovnikova²,

Matiukh³

et al. 2020

IJECE

Self Cite

View full text Add to dashboard Cite

show abstract

“…Instead of classifying flow clusters in either a botnet flow or normal flow, the algorithm uses multiple clusters for the same traffic and a link algorithm to do the final classification. Self-adapting systems for detecting, clustering and classification of botnets is proposed by Lysenko et al [136], who use a semi-supervised fuzzy c-means clustering technique. The system is also able to double as mitigation as it can reconfigure corporate networks and execute more specific actions such as reducing request timeouts, decreasing allowed HTTP request size and blocking source hostname and IP addresses.…”

Section: Machine Learning and Network-based Detection Mechanismsmentioning

confidence: 99%

“…Very botnet-specific, can introduce additional latency at network edge. [5,84,98,136,176,[201][202][203][204][205]…”

Section: Mitigation Mechanism Advantages Disadvantages Papersmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literature review on botnets is presented to the reader in order to obtain an understanding of the incentives, evolution, detection, mitigation and current trends within the field of botnet research in pervasive computing. The literature review focuses particularly on the topic of botnet detection and the proposed solutions to mitigate the threat of botnets in system security. Botnet detection and mitigation mechanisms are categorised and briefly described to allow for an easy overview of the many proposed solutions. The paper also summarises the findings to identify current challenges and trends within research to help identify improvements for further botnet mitigation research.

show abstract