Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm
Abstract
This paper aims to detect features of coordinated attacks by applying data mining techniques, namely Apriori with PrefixSpan, to the CCC DATAset 2008-2010, which comprises captured packet data and downloading logs. Data mining algorithms enable us to automate the detection of characteristics in large amounts of data, which conventional heuristics cannot deal with. Apriori achieves a high recall but with false positives, whereas PrefixSpan has high precision but low recall. We therefore propose a hybrid of these two algorithms. Our analysis shows a change in the behavior of malware over the past three years.
- Paper of the Information Processing Society of Japan
Authors
- Terada Masato, Hitachi Incident Response Team (hirt), Hitachi Ltd.
- Kikuchi Hiroaki, Department Electrical Engineering, Tokai University
- Ohrui Masayuki, Hitachi Ltd., Security & Smart ID Solutions Division
- Rosyid Nur, School of Vocational, Universitas Gadjah Mada
Related papers
- Oblivious Comparator and Its Application to Secure Auction Protocol (Special Issue: Computer Security Technologies for Protecting Privacy)
- Frequent Sequential Attack Patterns of Malware in Botnets
- Microwave coagulation therapy for hepatocellular carcinoma
- Heparin Reduces Serum Levels of Endothelin-1 and Hepatic Ischemia Reperfusion Injury in Rabbits
- Comparative in vitro activity of carbapenem antibiotics against respiratory pathogens isolated in recent years
- Identification of Mycobacterium avium Complex Isolated in Eastern and Central Japan by Using DNA Probes
- Multi-Round Anonymous Auction Protocols (Special Issue on Internet Technology and Its Applications)
- Enhancement of the Efficacy of Anticancer Drugs with Electroporation : Successful Electrochemotherapy against Gastric Cancer Cell Lines in Vivo and in Vitro
- Enhancing the Effect of Anticancer Drugs against the Colorectal Cancer Cell Line with Electroporation
- Features of DNA Oligonucleosomal Fragmentation in Human Tumor Cell Lines and Its Detection by Flow Cytometry : Utility and Limitations
- Principal Component Analysis of Botnet Takeover
- Attaching of Poly(acrylic acid) to Inorganic Surface and Its Application to Enzyme Immobilization
- Side Chain Dynamics in Poly(ethyl acrylate) Studied by Molecular Dynamics Simulation
- Online Certification Status Verification with a Red-Black Hash Tree (Special Issue: Computer Security Technologies Supporting the Ubiquitous Society)
- Online Certification Status Verification with a Red-Black Hash Tree
- Certificate Revocation Protocol Using k-Ary Hash Tree (Special Issue on Internet Technology)
- Estimation of Increase of Scanners Based on ISDAS Distributed Sensors
- Evaluation of a Classification Method of Web-pages with Decision Tree Algorithm
- FOREWORD
- Evaluation of a Classification Method of Web-pages with Decision Tree Algorithm (SCHOOL OF INFORMATION TECHNOLOGY AND ELECTRONICS)
- Analysis on the Sequential Behavior of Malware Attacks
- Time Zone Correlation Analysis of Malware/Bot Downloads
- Automated Port-scan Classification with Decision Tree and Distributed Sensors
- Development of Remote Control Vehicle via Internet and its Usability in terms of Quality of Service
- Privacy-preserving Collaborative Filtering Using Randomized Response
- Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm
- Time Zone Analysis on IIJ Network Traffic for Malicious Botnet Activities