Title :
Trojan Detection Based on Network Flow Clustering
Author :
Xiaochen Zhang ; Shengli Liu ; Lei Meng ; Yunfang Shi
Author_Institution :
Zhengzhou Inst. of Inf. Sci. & Technol., Zhengzhou, China
Abstract :
Trojans are a threat to network security and pose a serious threat to national security. Through research on the Trojan communication process, this paper proposes a data stream clustering method based on packet timestamps. This method uses clusters to compress Trojan communication data stream information, extracts cluster characteristics, and then detects Trojans according to the cluster characteristics and the correlation between the clusters. The experimental results showed that this method achieved good detection results.
Keywords :
client-server systems; computer network security; invasive software; pattern clustering; C-S structure; IP connection; Trojan communication process; Trojan detection; cluster characteristic extraction; data stream clustering method; national security; network flow clustering; network security; packet timestamp; Algorithm design and analysis; Classification algorithms; Clustering algorithms; Decision trees; Heart beat; Trojan horses; "Heartbeat" behavior; Trojan detection; clustering algorithms; network security; timestamp
Conference_Title :
Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4673-3093-0
DOI :
10.1109/MINES.2012.242