Detecting P2P botnet based on the role of flows
Towards the weaknesses of the existing detection methods of P2P botnet,a novel real-time detection model based on the role of flows was proposed,which was named as RF.According to the characteristics of flows,the model made the flows play the different roles in the detection of the P2P botnet to det...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2012-09-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2012.z1.035/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539880542273536 |
|---|---|
| author | Yuan-zhang SONG Jun-ting HE Bo ZHANG Jun-jie WANG An-bang WANG |
| author_facet | Yuan-zhang SONG Jun-ting HE Bo ZHANG Jun-jie WANG An-bang WANG |
| author_sort | Yuan-zhang SONG |
| collection | DOAJ |
| description | Towards the weaknesses of the existing detection methods of P2P botnet,a novel real-time detection model based on the role of flows was proposed,which was named as RF.According to the characteristics of flows,the model made the flows play the different roles in the detection of the P2P botnet to detect the essential abnormality and the attacking abnormality.And the model considered the influence on the detection of the P2P botnet which the Web applications generated,especially the applications based on the P2P protocols.To minimize the false positive rate and false negative rate,a real-time method based on the sliding window to estimate the Hurst parameter was proposed,and the Kaufman algorithm was applied to adjust the threshold dynamically.The experiments showed that the model was able to detect the new P2P botnet with a relatively high precision. |
| format | Article |
| id | doaj-art-cb1aced953f949a8812395013886a6c6 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2012-09-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-cb1aced953f949a8812395013886a6c62025-01-14T06:34:01ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2012-09-013326226959667902Detecting P2P botnet based on the role of flowsYuan-zhang SONGJun-ting HEBo ZHANGJun-jie WANGAn-bang WANGTowards the weaknesses of the existing detection methods of P2P botnet,a novel real-time detection model based on the role of flows was proposed,which was named as RF.According to the characteristics of flows,the model made the flows play the different roles in the detection of the P2P botnet to detect the essential abnormality and the attacking abnormality.And the model considered the influence on the detection of the P2P botnet which the Web applications generated,especially the applications based on the P2P protocols.To minimize the false positive rate and false negative rate,a real-time method based on the sliding window to estimate the Hurst parameter was proposed,and the Kaufman algorithm was applied to adjust the threshold dynamically.The experiments showed that the model was able to detect the new P2P botnet with a relatively high precision.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2012.z1.035/P2P botnetself-similaritymulti-chart CUSUMKaufman |
| spellingShingle | Yuan-zhang SONG Jun-ting HE Bo ZHANG Jun-jie WANG An-bang WANG Detecting P2P botnet based on the role of flows Tongxin xuebao P2P botnet self-similarity multi-chart CUSUM Kaufman |
| title | Detecting P2P botnet based on the role of flows |
| title_full | Detecting P2P botnet based on the role of flows |
| title_fullStr | Detecting P2P botnet based on the role of flows |
| title_full_unstemmed | Detecting P2P botnet based on the role of flows |
| title_short | Detecting P2P botnet based on the role of flows |
| title_sort | detecting p2p botnet based on the role of flows |
| topic | P2P botnet self-similarity multi-chart CUSUM Kaufman |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2012.z1.035/ |
| work_keys_str_mv | AT yuanzhangsong detectingp2pbotnetbasedontheroleofflows AT juntinghe detectingp2pbotnetbasedontheroleofflows AT bozhang detectingp2pbotnetbasedontheroleofflows AT junjiewang detectingp2pbotnetbasedontheroleofflows AT anbangwang detectingp2pbotnetbasedontheroleofflows |