Detecting HTTP-based botnet based on characteristic of the C&C session using by SVM

Kazumasa Yamauchi, Yoshiaki Hori, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

5 被引用数 (Scopus)

抄録

With the spread of computer, the increase of malware is a serious problem. In some malware, damage caused by botnet is a serious problem. Botnets perform the attack by remote control. The purpose of the present work is to suppress the botnet activity by detecting the C&C traffic through well-suited observations. There already exists many detection techniques, most of which focus on IRC-based botnet, and very little focus on HTTP-based botnet, even less, which include comparisons between both detection techniques. In this work, we focus on the HTTP-based botnet, and in order to classify normal HTTP session and C&C session, we make use of Support Vector Machine.

本文言語英語
ホスト出版物のタイトルProceedings - 2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013
出版社IEEE Computer Society
ページ63-68
ページ数6
ISBN(印刷版)9780769550756
DOI
出版ステータス出版済み - 1 1 2013
イベント2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013 - Seoul, 大韓民国
継続期間: 7 25 20137 26 2013

出版物シリーズ

名前Proceedings - 2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013

その他

その他2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013
国/地域大韓民国
CitySeoul
Period7/25/137/26/13

All Science Journal Classification (ASJC) codes

  • コンピュータ ネットワークおよび通信
  • 情報システム

フィンガープリント

「Detecting HTTP-based botnet based on characteristic of the C&C session using by SVM」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル