Vol. 7 (02) pp. 965-970 DOI: 10.21474/IJAR01/8569

DETECTION OF BOTNETS USING INVARIANT REPRESENTATION.

  • SRM Institute of Science and Technology, Kattankulathur.
  • Birla Institute of Technology, Mesra, Ranchi.
10 Downloads 63 Views
Crossref

Abstract

Over the past few decades, botnets are known to be a serious threat to the cyber security. The botnets are the systems in a particular network environment that are commanded by the attacker also known as Bot herder through C & C channel and hence targets the neighbour systems. As a result, several anomalies(such as DDoS, spamming, key-logging etc) are detected which leads to failure of the systems, information breach and also threat to security. With the advancement of technology, botnets tend to change their feature and pattern of attack and tend to be indomitable. In the proposed architecture, we derieved a methodology to effectively detect problematic botnets irrespective of their variance in features and attack pattern. Invariant representation is implemented to effectively detect the botnets and keep in view the feature of invariance and the architechture is evaluated using bin histogram representations and two-class SVM(Support Vector Machine).

Keywords

Article Analytics

References

  1. Bartos, M. Sofka, and V. Franc. Optimized invariant representation of network traffic for detecting unseen malware variants. In 25thUSENIX Security Symposium (USENIX Security 16), pages 807?822,Austin, TX, Aug. 2016. USENIX Association.
  2. Kalt. Internet Relay Chat: Client Protocol. RFC 2812(Informational), April 2000.
  3. Ianelli N, Hackworth A. Botnets as a vehicle for online crime; 2005. https://resources.sei.cmu.edu/asset_files/White-Paper/2005_019_001_51249.pdf.
  4. Bacher P, Holz T, Kotter M, Wicherski G. Know your enemy: tracking botnets; 2008. https://www.honeynet.org/papers/bots/.
  5. What is botnet attack?2016. https://usa.kaspersky.com/internet-security-center/threats/botnet-attacks#.V1du3TUrIdV.
  6. Sonawane SR. A review on botnet and botnet detection methods. Int J ComputSciInnov. 2016.
  7. Emerging cyber threats report for 2009, Georgia Tech Information Security Center, Oct. 2008.
  8. Ramsbrock, X. Wang, and X. Jiang, A first step towards live botmastertraceback," in Recent Advances in Intrusion Detection, vol. LNCS 5230, pp. 59-77, Springer-Verlag, 2008.
  9. R. Binkley and S. Singh. An algorithm for anomaly-based botnet detection in Proceedings of USENIX SRUTI'06, pages 43-48, July 2006.
  10. Goebel and T. Holz.Rishi: Identify bot contaminated hosts by irc nickname evaluation.In Proceedings of USENIX HotBots'07, 2007.
  11. Karasaridis, B. Rexroad, and D. Hoeflin. Wide-scale botnet detection and characterization.In Proceedings of USENIX HotBots'07, 2007.
  12. Livadas, R. Walsh, D. Lapsley, and W. T. Strayer.Using machine learning techniques to identify botnet traffic.In Proceedings of the 2nd IEEE LCN Workshop on Network Security (WoNS'2006), 2006.
  13. T. Strayer, R. Walsh, C. Livadas, and D. Lapsley. Detecting botnets with tight command and control.In Proceedings of the 31st IEEE Conference on Local Computer Networks (LCN'06), 2006.
  14. Grizzard, J. B., Sharma, V., Nunnery, C., Kang, B. B. and Dagon, D. 2007. Peer-to-peer botnets: overview and case study, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, USENIX Association, Berkeley, CA, USA.
  15. Rajab, J. Zarfoss, F. Monrose, and A. Terzis.A multi-faceted approach to understanding the botnet phenomenon.In Proceedings of ACM SIGCOMM/USENIX Internet Measurement Conference (IMC'06), Brazil, October 2006.
  16. Chiang and L. Lloyd. A case study of the rustoc k rootkit and spam bot. In Proceedings of USENIX HotBots'07, 2007.
  17. Daswani and M. Stoppelman.The anatomy of clickbot.A.In Proceedings of USENIX HotBots'07, 2007.
  18. Bobaxtrojan analysis.
  19. http://www.securework s.com/research/threats/bobax/, 2004.
  20. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee. BotHunter: Detecting malware infection through ids-driv en dialog correlation.In Proceedings of the 16th USENIX Security Symposium (Security'07), 2007.
  21. Gu, J. Zhang, and W. Lee. BotSniffer: Detecting botnet c ommand and control channels in network traffic.In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08), 2008.
  22. K. Reiter and T.-F. Yen.Traffic aggregation for malw are detection.In Proceedings of the Fifth GI International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA'08),2008.
  23. Dewes, A. Wichmann, and A. Feldmann. An analysis of internet chat systems.In IMC ?03: Proceedings of the3rd ACM SIGCOMM conference on Internet measurement,pages 51?64, New York, NY, USA, 2003. ACM Press.
  24. Sen, O. Spatscheck, and D. Wang. Accurate, scalable in-network identification of p2p traffic using application signatures.In WWW ?04: Proceedings of the 13th international conference on World Wide Web, pages 512?521, New York,NY, USA, 2004. ACM Press.
  25. A guide to understanding covert channel analysis of trusted systems, version1.NCSC-TG-030,Library No. S-240,572, National Computer Security Center, November 1993.
  26. Plohmann, E. Gerhards-Padilla, and F. Leder, Botnets: measurement, detection, disinfection and defence," in ENISA workshop on (Giles Hogben, ed.),Mar. 2011
  27. Taxonomy of botnet threats, white paper, Trend Micro Incorporated, Nov. 2006.White Paper.
  28. Mahmoud, M. Nir, and A. Matrawy,Survey on botnet architectures, detection and defences.In International Journal of Network Security.
  29. Andrea Vedaldi, ?Invariant Representation and Learning for Computer Vision,? Doctoral thesis, 2008.

How to Cite This Article

Moinak Bhattacharya and V.Bhattacharya. (2019); DETECTION OF BOTNETS USING INVARIANT REPRESENTATION., Int. J. of Adv. Res., 7 (02), 965-970, ISSN 2320-5407. DOI: https://doi.org/10.21474/IJAR01/8569

Corresponding Author

Moinak Bhattacharya
B.Tech, Computer Science and Engineering