Title :
Botnet detection based on common network behaviors by utilizing Artificial Immune System (AIS)
Author :
Zeidanloo, Hossein Rouhani ; Hosseinpour, Farhoud ; Borazjani, Parnian Najafi
Author_Institution :
Fac. of Comput. Sci. & Inf. Syst., Univ. of Technol. Malaysia, Kuala Lumpur, Malaysia
Abstract :
Botnet is most widespread and occurs commonly in today's cyber attacks, resulting in serious threats to our network assets and organization's properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by their originator (BotMaster) under a common Command-and-Control (C&C) infrastructure. In this paper, we proposed a new general Botnet detection framework. Since Artificial Immune System (AIS) is a new bio-inspired model which is applied for solving various problems in the field of information security, we used this concept in our proposed framework to make it more efficient. Our framework is based on the definition of Botnets. Botnet has been defined as a group of bots that perform similar communication and malicious activity patterns within the same Botnet. We utilized AIS to effectively detect malicious activities such as spam and port scanning in bot infected hosts.
Keywords :
artificial immune systems; command and control systems; computer crime; telecontrol; unsolicited e-mail; artificial immune system; bioinspired model; bot infected host; botmaster; botnet detection; command and control infrastructure; common network behavior; cyber attack; information security; malicious activity pattern; port scanning; remotely controlled compromised computers; spam; Artificial immune systems; Computers; Databases; Detectors; Monitoring; Unsolicited electronic mail; AIS; bot; botnet; scan; spam;
Conference_Title :
Software Technology and Engineering (ICSTE), 2010 2nd International Conference on
Conference_Location :
San Juan, PR
Print_ISBN :
978-1-4244-8667-0
Electronic_ISBN :
978-1-4244-8666-3
DOI :
10.1109/ICSTE.2010.5608967