Principal Component Analysis of Botnet Takeover
Abstract
A botnet is a network of compromised computers infected with malware that is controlled remotely via public communications media. Many attempts at botnet detection have been made, including heuristic analyses of traffic. In this study, we propose a new method for identifying independent botnets in the CCC Dataset 2009, the log of download servers observed by distributed honeypots, by applying the technique of Principal Component Analysis. Our main results include distinguishing four independent botnets when a year is divided into five phases.
Authors
- Terada Masato, Hitachi Incident Response Team (HIRT), Hitachi Ltd.
- Kikuchi Hiroaki, Tokai University
- Matsuo Shuji, Tokai University
Related papers
- Frequent Sequential Attack Patterns of Malware in Botnets
- Principal Component Analysis of Botnet Takeover
- Estimation of Increase of Scanners Based on ISDAS Distributed Sensors
- Sender and Recipient Anonymous Communication without Public Key Cryptography
- Analysis on the Sequential Behavior of Malware Attacks
- Time Zone Correlation Analysis of Malware/Bot Downloads
- Automated Port-scan Classification with Decision Tree and Distributed Sensors
- Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm
- Time Zone Analysis on IIJ Network Traffic for Malicious Botnet Activities
- Privacy-Preserving Collaborative Filtering Schemes With Sampling Users