Clustering Botnet Communication Traffic Based on N-Gram Feature Selection

Recognized as one of the most serious security threats to current Internet infrastructure, botnets can not only be implemented using existing well-known applications, e.g. IRC, HTTP, or Peer-to-Peer, but can also be constructed using unknown or creative applications, which makes botnet detection a challenging problem. Previous attempts at detecting botnets mostly examine traffic content for bot commands on selected network links or set up honeypots. Traffic content, however, can be encrypted as botnets evolve, and as a result content-based detection approaches fail.

Provided by: Reed Elsevier; Topic: Mobility; Date Added: Apr 2010; Format: PDF
