Botnet detection using graphical lasso with graph density

Chansu Han, Kento Kono, Shoma Tanaka, Masanori Kawakita, Junnichi Takeuchi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

Original languageEnglish
Title of host publicationNeural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings
EditorsKenji Doya, Kazushi Ikeda, Minho Lee, Akira Hirose, Seiichi Ozawa, Derong Liu
PublisherSpringer Verlag
Pages537-545
Number of pages9
ISBN (Print)9783319466866
DOIs
Publication statusPublished - Jan 1 2016
Event23rd International Conference on Neural Information Processing, ICONIP 2016 - Kyoto, Japan
Duration: Oct 16 2016Oct 21 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9947 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other23rd International Conference on Neural Information Processing, ICONIP 2016
CountryJapan
CityKyoto
Period10/16/1610/21/16

Fingerprint

Lasso
Graph in graph theory
Regularization
Change Point
Coefficient
Graphics
Botnet
Traffic
Output
Experiments
Estimate
Experiment
Relationships

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Han, C., Kono, K., Tanaka, S., Kawakita, M., & Takeuchi, J. (2016). Botnet detection using graphical lasso with graph density. In K. Doya, K. Ikeda, M. Lee, A. Hirose, S. Ozawa, & D. Liu (Eds.), Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings (pp. 537-545). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9947 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-46687-3_59

Botnet detection using graphical lasso with graph density. / Han, Chansu; Kono, Kento; Tanaka, Shoma; Kawakita, Masanori; Takeuchi, Junnichi.

Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. ed. / Kenji Doya; Kazushi Ikeda; Minho Lee; Akira Hirose; Seiichi Ozawa; Derong Liu. Springer Verlag, 2016. p. 537-545 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9947 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Han, C, Kono, K, Tanaka, S, Kawakita, M & Takeuchi, J 2016, Botnet detection using graphical lasso with graph density. in K Doya, K Ikeda, M Lee, A Hirose, S Ozawa & D Liu (eds), Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9947 LNCS, Springer Verlag, pp. 537-545, 23rd International Conference on Neural Information Processing, ICONIP 2016, Kyoto, Japan, 10/16/16. https://doi.org/10.1007/978-3-319-46687-3_59
Han C, Kono K, Tanaka S, Kawakita M, Takeuchi J. Botnet detection using graphical lasso with graph density. In Doya K, Ikeda K, Lee M, Hirose A, Ozawa S, Liu D, editors, Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. Springer Verlag. 2016. p. 537-545. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-46687-3_59
Han, Chansu ; Kono, Kento ; Tanaka, Shoma ; Kawakita, Masanori ; Takeuchi, Junnichi. / Botnet detection using graphical lasso with graph density. Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. editor / Kenji Doya ; Kazushi Ikeda ; Minho Lee ; Akira Hirose ; Seiichi Ozawa ; Derong Liu. Springer Verlag, 2016. pp. 537-545 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{9e8d725e850d446e97233b06332089f1,
title = "Botnet detection using graphical lasso with graph density",
abstract = "A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.",
author = "Chansu Han and Kento Kono and Shoma Tanaka and Masanori Kawakita and Junnichi Takeuchi",
year = "2016",
month = "1",
day = "1",
doi = "10.1007/978-3-319-46687-3_59",
language = "English",
isbn = "9783319466866",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "537--545",
editor = "Kenji Doya and Kazushi Ikeda and Minho Lee and Akira Hirose and Seiichi Ozawa and Derong Liu",
booktitle = "Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Botnet detection using graphical lasso with graph density

AU - Han, Chansu

AU - Kono, Kento

AU - Tanaka, Shoma

AU - Kawakita, Masanori

AU - Takeuchi, Junnichi

PY - 2016/1/1

Y1 - 2016/1/1

N2 - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

AB - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

UR - http://www.scopus.com/inward/record.url?scp=84992618608&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84992618608&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-46687-3_59

DO - 10.1007/978-3-319-46687-3_59

M3 - Conference contribution

AN - SCOPUS:84992618608

SN - 9783319466866

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 537

EP - 545

BT - Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings

A2 - Doya, Kenji

A2 - Ikeda, Kazushi

A2 - Lee, Minho

A2 - Hirose, Akira

A2 - Ozawa, Seiichi

A2 - Liu, Derong

PB - Springer Verlag

ER -