Method of detecting IRC Botnet based on the multi-features of traffic flow
To resolve the problem of detecting IRC Botnet,a method based on traffic flow characteristics was proposed.The characteristics of Botnet channel traf?cwere analyzed in different periods such as data-clustering,data-similarity,the average length of packet,peak of synchronized traf?c,and peak of colla...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2013-10-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.10.006/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539806928044032 |
|---|---|
| author | Jian-en YAN Chun-yang YUAN Hai-yan XU Zhao-xin ZHANG |
| author_facet | Jian-en YAN Chun-yang YUAN Hai-yan XU Zhao-xin ZHANG |
| author_sort | Jian-en YAN |
| collection | DOAJ |
| description | To resolve the problem of detecting IRC Botnet,a method based on traffic flow characteristics was proposed.The characteristics of Botnet channel traf?cwere analyzed in different periods such as data-clustering,data-similarity,the average length of packet,peak of synchronized traf?c,and peak of collaborative synchronized traf?c,and these characteristics were used to detect the botnet.In analyzing,improved max-min distance means and k-means cluster analysis algorithm were also presented to promote the efficiency of data clustering.At last,the availability of the method was verified by experiment. |
| format | Article |
| id | doaj-art-57b0c039d9544a5f9045195da3f2258f |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2013-10-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-57b0c039d9544a5f9045195da3f2258f2025-01-14T06:41:25ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2013-10-0134495559675648Method of detecting IRC Botnet based on the multi-features of traffic flowJian-en YANChun-yang YUANHai-yan XUZhao-xin ZHANGTo resolve the problem of detecting IRC Botnet,a method based on traffic flow characteristics was proposed.The characteristics of Botnet channel traf?cwere analyzed in different periods such as data-clustering,data-similarity,the average length of packet,peak of synchronized traf?c,and peak of collaborative synchronized traf?c,and these characteristics were used to detect the botnet.In analyzing,improved max-min distance means and k-means cluster analysis algorithm were also presented to promote the efficiency of data clustering.At last,the availability of the method was verified by experiment.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.10.006/IRC protocolBotnetraffic flowcluster analysis |
| spellingShingle | Jian-en YAN Chun-yang YUAN Hai-yan XU Zhao-xin ZHANG Method of detecting IRC Botnet based on the multi-features of traffic flow Tongxin xuebao IRC protocol Botnet raffic flow cluster analysis |
| title | Method of detecting IRC Botnet based on the multi-features of traffic flow |
| title_full | Method of detecting IRC Botnet based on the multi-features of traffic flow |
| title_fullStr | Method of detecting IRC Botnet based on the multi-features of traffic flow |
| title_full_unstemmed | Method of detecting IRC Botnet based on the multi-features of traffic flow |
| title_short | Method of detecting IRC Botnet based on the multi-features of traffic flow |
| title_sort | method of detecting irc botnet based on the multi features of traffic flow |
| topic | IRC protocol Botnet raffic flow cluster analysis |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.10.006/ |
| work_keys_str_mv | AT jianenyan methodofdetectingircbotnetbasedonthemultifeaturesoftrafficflow AT chunyangyuan methodofdetectingircbotnetbasedonthemultifeaturesoftrafficflow AT haiyanxu methodofdetectingircbotnetbasedonthemultifeaturesoftrafficflow AT zhaoxinzhang methodofdetectingircbotnetbasedonthemultifeaturesoftrafficflow |