
    Multilayer Framework for Botnet Detection Using Machine Learning Algorithms

    Author:
    Ibrahim, Wan Nur Hidayah; Anuar, Syahid; Selamat, Ali; Krejcar, Ondřej; González-Crespo, Rubén (1); Herrera-Viedma, Enrique; Fujita, Hamido
    Date:
    2021
    Keywords:
    Behavior-based analysis; botnet; flow-based feature selection; k-nearest neighbor; structure independent; Scopus; WOS(2)
    Item type:
    Indexed journal article
    URI:
    https://reunir.unir.net/handle/123456789/11453
    DOI:
    https://doi.org/10.1109/ACCESS.2021.3060778
    Web address:
    https://ieeexplore.ieee.org/document/9359784
    Open Access
    Abstract:
    A botnet is a malware program remotely controlled by a hacker called a botmaster. Botnets can perform massive cyber-attacks such as DDoS, spam, click fraud, and information and identity theft. A botnet can also avoid being detected by a security system. The traditional method of detecting botnets commonly uses signature-based analysis, which is unable to detect unseen botnets. Behavior-based analysis seems like a promising solution to the current trend of botnets that keep evolving. This paper proposes a multilayer framework for botnet detection using machine learning algorithms, consisting of a filtering module and a classification module, to detect the botnet's command and control server. We highlighted several criteria for our framework: it must be structure-independent, protocol-independent, and able to detect botnets that use encapsulation techniques. We used behavior-based analysis through flow-based features that analyze the packet header by aggregating it over a 1-s time interval. This type of analysis enables detection even if the packet is encapsulated, such as when using a VPN tunnel. We also extended the experiment using different time intervals, but the 1-s time interval shows the most impressive results. The results show that our botnet detection method achieves an F-score of up to 92%, and the lowest false-negative rate was 1.5%.
    This item appears in the following collection(s)
    • Scientific Articles WOS and SCOPUS


    Related items

    Showing items related by title, author or subject.

    • Enhancing big data feature selection using a hybrid correlation-based feature selection 

      Mohamad, Masurah; Selamat, Ali; Krejcar, Ondrej; González-Crespo, Rubén (1); Herrera-Viedma, Enrique; Fujita, Hamido (2021)
      This study proposes an alternate data extraction method that combines three well-known feature selection methods for handling large and problematic datasets: the correlation-based feature selection (CFS), best first search ...
    • A recommender system based on implicit feedback for selective dissemination of ebooks 

      Núñez-Valdez, Edward Rolando; Quintana, David; González-Crespo, Rubén (1); Isasi, Pedro; Herrera-Viedma, Enrique (Information Sciences, 10/2018)
      In this study, we describe a recommendation system for electronic books. The approach is based on implicit feedback derived from user's interaction with electronic content. User's behavior is tracked through several ...
    • Dealing with group decision-making environments that have a high amount of alternatives using card-sorting techniques 

      Morente-Molinera, Juan Antonio; Ríos Aguilar, Sergio (1); González-Crespo, Rubén (1); Herrera-Viedma, Enrique (Expert Systems with Applications, 01/08/2019)
      Due to the appearance of Web 2.0 technologies and smartphones, the amount of information available to carry out group decision-making processes has increased dramatically. Therefore, there is a need for group decision-making ...

    © UNIR - Universidad Internacional de La Rioja
     