Detecting HTTP-based botnet based on characteristic of the C&C session using by SVM

Kazumasa Yamauchi, Yoshiaki Hori, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

With the spread of computer, the increase of malware is a serious problem. In some malware, damage caused by botnet is a serious problem. Botnets perform the attack by remote control. The purpose of the present work is to suppress the botnet activity by detecting the C&C traffic through well-suited observations. There already exists many detection techniques, most of which focus on IRC-based botnet, and very little focus on HTTP-based botnet, even less, which include comparisons between both detection techniques. In this work, we focus on the HTTP-based botnet, and in order to classify normal HTTP session and C&C session, we make use of Support Vector Machine.

Original languageEnglish
Title of host publicationProceedings - 2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013
PublisherIEEE Computer Society
Pages63-68
Number of pages6
ISBN (Print)9780769550756
DOIs
Publication statusPublished - Jan 1 2013
Event2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013 - Seoul, Korea, Republic of
Duration: Jul 25 2013Jul 26 2013

Publication series

NameProceedings - 2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013

Other

Other2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013
CountryKorea, Republic of
CitySeoul
Period7/25/137/26/13

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Fingerprint Dive into the research topics of 'Detecting HTTP-based botnet based on characteristic of the C&C session using by SVM'. Together they form a unique fingerprint.

Cite this