TY - GEN
T1 - Botnet detection using graphical lasso with graph density
AU - Han, Chansu
AU - Kono, Kento
AU - Tanaka, Shoma
AU - Kawakita, Masanori
AU - Takeuchi, Jun’Ichi
N1 - Funding Information:
We appreciate the feedback offered by everyone of Cybersecurity Laboratory, NICT. Our work was partially supported by “PRACTICE: Proactive Response Against Cyber-Attacks Through International Collaborative Exchange” administered by the Ministry of Internal Affairs and Communications.
Publisher Copyright:
© Springer International Publishing AG 2016.
PY - 2016
Y1 - 2016
N2 - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.
AB - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.
UR - http://www.scopus.com/inward/record.url?scp=84992618608&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84992618608&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-46687-3_59
DO - 10.1007/978-3-319-46687-3_59
M3 - Conference contribution
AN - SCOPUS:84992618608
SN - 9783319466866
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 537
EP - 545
BT - Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings
A2 - Doya, Kenji
A2 - Ikeda, Kazushi
A2 - Lee, Minho
A2 - Hirose, Akira
A2 - Ozawa, Seiichi
A2 - Liu, Derong
PB - Springer Verlag
T2 - 23rd International Conference on Neural Information Processing, ICONIP 2016
Y2 - 16 October 2016 through 21 October 2016
ER -