Online Botnet Detection Based on Incremental Discrete Fourier Transform

Download Now Date Added: May 2010
Format: PDF

Botnet detection has attracted lots of attention since botnet attack is becoming one of the most serious threats on the Internet. But little work has considered the online detection. In this paper, the authors propose a novel approach that can monitor the botnet activities in an online way. They define the concept of "Feature streams" to describe raw network traffic. If some feature streams show high similarities, the corresponding hosts will be regarded as suspected bots which will be added into the suspected bot hosts set. After activity analysis, bot hosts will be confirmed as soon as possible. They present a simple method by computing the average.