Botnet detection using graphical lasso with graph density

Chansu Han; Kento Kono; Shoma Tanaka; Masanori Kawakita; Jun’Ichi Takeuchi

doi:10.1007/978-3-319-46687-3_59

Botnet detection using graphical lasso with graph density

Chansu Han, Kento Kono, Shoma Tanaka, Masanori Kawakita, Jun’Ichi Takeuchi

数理情報

研究成果: 書籍/レポートタイプへの寄稿 › 会議への寄与

3 被引用数 (Scopus)

抄録

A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

本文言語	英語
ホスト出版物のタイトル	Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings
編集者	Kenji Doya, Kazushi Ikeda, Minho Lee, Akira Hirose, Seiichi Ozawa, Derong Liu
出版社	Springer Verlag
ページ	537-545
ページ数	9
ISBN（印刷版）	9783319466866
DOI	https://doi.org/10.1007/978-3-319-46687-3_59
出版ステータス	出版済み - 2016
イベント	23rd International Conference on Neural Information Processing, ICONIP 2016 - Kyoto, 日本継続期間: 10月 16 2016 → 10月 21 2016

出版物シリーズ

名前	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
巻	9947 LNCS
ISSN（印刷版）	0302-9743
ISSN（電子版）	1611-3349

その他

その他	23rd International Conference on Neural Information Processing, ICONIP 2016
国/地域	日本
City	Kyoto
Period	10/16/16 → 10/21/16

All Science Journal Classification (ASJC) codes

理論的コンピュータサイエンス
コンピュータサイエンス（全般）

文献へのアクセス

10.1007/978-3-319-46687-3_59

他のファイルとリンク

引用スタイル

Han, C., Kono, K., Tanaka, S., Kawakita, M., & Takeuchi, JI. (2016). Botnet detection using graphical lasso with graph density. In K. Doya, K. Ikeda, M. Lee, A. Hirose, S. Ozawa, & D. Liu (Eds.), Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings (pp. 537-545). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9947 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-46687-3_59

Botnet detection using graphical lasso with graph density. / Han, Chansu; Kono, Kento; Tanaka, Shoma; Kawakita, Masanori; Takeuchi, Jun’Ichi.

Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. ed. / Kenji Doya; Kazushi Ikeda; Minho Lee; Akira Hirose; Seiichi Ozawa; Derong Liu. Springer Verlag, 2016. p. 537-545 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9947 LNCS).

研究成果: 書籍/レポートタイプへの寄稿 › 会議への寄与

Han, C, Kono, K, Tanaka, S, Kawakita, M & Takeuchi, JI 2016, Botnet detection using graphical lasso with graph density. in K Doya, K Ikeda, M Lee, A Hirose, S Ozawa & D Liu (eds), Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9947 LNCS, Springer Verlag, pp. 537-545, 23rd International Conference on Neural Information Processing, ICONIP 2016, Kyoto, 日本, 10/16/16. https://doi.org/10.1007/978-3-319-46687-3_59

Han C, Kono K, Tanaka S, Kawakita M, Takeuchi JI. Botnet detection using graphical lasso with graph density. In Doya K, Ikeda K, Lee M, Hirose A, Ozawa S, Liu D, editors, Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. Springer Verlag. 2016. p. 537-545. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-46687-3_59

Han, Chansu ; Kono, Kento ; Tanaka, Shoma ; Kawakita, Masanori ; Takeuchi, Jun’Ichi. / Botnet detection using graphical lasso with graph density. Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings. editor / Kenji Doya ; Kazushi Ikeda ; Minho Lee ; Akira Hirose ; Seiichi Ozawa ; Derong Liu. Springer Verlag, 2016. pp. 537-545 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{9e8d725e850d446e97233b06332089f1,

title = "Botnet detection using graphical lasso with graph density",

abstract = "A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn{\textquoteright}t use its graphical properties. We propose a new method of botnet detection based on {\textquoteleft}graph density{\textquoteright}, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.",

author = "Chansu Han and Kento Kono and Shoma Tanaka and Masanori Kawakita and Jun{\textquoteright}Ichi Takeuchi",

note = "Funding Information: We appreciate the feedback offered by everyone of Cybersecurity Laboratory, NICT. Our work was partially supported by “PRACTICE: Proactive Response Against Cyber-Attacks Through International Collaborative Exchange” administered by the Ministry of Internal Affairs and Communications. Publisher Copyright: {\textcopyright} Springer International Publishing AG 2016.; 23rd International Conference on Neural Information Processing, ICONIP 2016 ; Conference date: 16-10-2016 Through 21-10-2016",

year = "2016",

doi = "10.1007/978-3-319-46687-3_59",

language = "English",

isbn = "9783319466866",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "537--545",

editor = "Kenji Doya and Kazushi Ikeda and Minho Lee and Akira Hirose and Seiichi Ozawa and Derong Liu",

booktitle = "Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings",

address = "Germany",

}

TY - GEN

T1 - Botnet detection using graphical lasso with graph density

AU - Han, Chansu

AU - Kono, Kento

AU - Tanaka, Shoma

AU - Kawakita, Masanori

AU - Takeuchi, Jun’Ichi

N1 - Funding Information: We appreciate the feedback offered by everyone of Cybersecurity Laboratory, NICT. Our work was partially supported by “PRACTICE: Proactive Response Against Cyber-Attacks Through International Collaborative Exchange” administered by the Ministry of Internal Affairs and Communications. Publisher Copyright: © Springer International Publishing AG 2016.

PY - 2016

Y1 - 2016

N2 - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

AB - A botnet detection method using the graphical lasso is studied. Hamasaki et al. proposed a botnet detection method based on graphical lasso applied on darknet traffic, which captures change points of outputs of graphical lasso caused by a botnet activity. In their method, they estimate cooperative relationship of bots using graphical lasso. If the regularization coefficient of graphical lasso is appropriately tuned, it can remove false cooperative relationships to some extent. Though they represent the cooperative relationships of bots as a graph, they didn’t use its graphical properties. We propose a new method of botnet detection based on ‘graph density’, for which we introduce a new method to set the regularization coefficient automatically. The effectiveness of the proposed method is illustrated by experiments on darknet data.

UR - http://www.scopus.com/inward/record.url?scp=84992618608&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84992618608&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-46687-3_59

DO - 10.1007/978-3-319-46687-3_59

M3 - Conference contribution

AN - SCOPUS:84992618608

SN - 9783319466866

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 537

EP - 545

BT - Neural Information Processing - 23rd International Conference, ICONIP 2016, Proceedings

A2 - Doya, Kenji

A2 - Ikeda, Kazushi

A2 - Lee, Minho

A2 - Hirose, Akira

A2 - Ozawa, Seiichi

A2 - Liu, Derong

PB - Springer Verlag

T2 - 23rd International Conference on Neural Information Processing, ICONIP 2016

Y2 - 16 October 2016 through 21 October 2016

ER -

Botnet detection using graphical lasso with graph density

抄録

出版物シリーズ

その他

All Science Journal Classification (ASJC) codes

文献へのアクセス

他のファイルとリンク

フィンガープリント

引用スタイル