Title :
Peer to Peer Botnet Detection Using Data Mining Scheme
Author :
Liao, Wen-Hwa ; Chang, Chia-Ching
Author_Institution :
Dept. of Inf. Manage., Tatung Univ., Taipei, Taiwan
Abstract :
Botnets, composed of virus-infected computers, severely threaten the security of the Internet. Hackers first implant a virus in targeted computers, which they then command and control via the Internet to launch distributed denial of service (DDoS) attacks, steal confidential information, distribute junk mail and carry out other malicious acts. By imitating P2P software, a P2P botnet uses multiple main controllers to avoid a single point of failure and, together with encryption technologies, defeats various misuse detection technologies. Unlike normal network behavior, a P2P botnet sets up numerous sessions without consuming substantial bandwidth, which exposes it to anomaly detection technology. The data mining scheme was tested on the real Internet to prove its capability of discovering the hosts of a P2P botnet. Crucially, the research applied the original dissimilarity between P2P botnet behavior and normal Internet behavior as parameters of data mining, which were then clustered and distinguished to obtain reliable results with acceptable accuracy.
Keywords :
Internet; computer viruses; cryptography; data mining; peer-to-peer computing; Internet security; P2P software; data mining scheme; distributed denial of services; encryption technologies; junk mail distribution; misuse detecting technologies; peer to peer botnet detection; steal confidential information; virus-infected computers; Accuracy; Computers; Data mining; Games; Internet; Monitoring; Software;
Conference_Title :
Internet Technology and Applications, 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5142-5
Electronic_ISBN :
978-1-4244-5143-2
DOI :
10.1109/ITAPP.2010.5566407