Paper Abstract and Keywords |
Presentation |
2019-07-04 09:00
Traffic Feature-based Botnet Detection Scheme Emphasizing the Importance of Long Patterns Yichen An, Shuichiro Haruta, Sanghun Choi, Iwao Sasase (Keio Univ.) CS2019-18 |
Abstract |
(in English) |
Botnet detection is imperative. Among several detection schemes, a promising one uses communication sequences. The main idea of that scheme is that communication sequences exhibit distinctive features because they are controlled by programs. The sequence is tokenized into truncated sequences by $n$-gram, and the number of occurrences of each pattern is used as a feature vector. However, the features are normalized by the total number of occurrences of all patterns, while the numbers of occurrences for larger $n$ are smaller than those for smaller $n$. That is, regardless of the value of $n$, the previous scheme normalizes by the total number of occurrences of all patterns. As a result, the normalized features of long patterns become very small and are hidden by the others. To overcome this shortcoming, in this paper we propose a traffic feature-based botnet detection scheme emphasizing the importance of long patterns. We realize the emphasis with two ideas. The first idea is to normalize occurrences by the total number of occurrences for each $n$ instead of the total number of occurrences of all patterns. By doing this, the smaller occurrence counts for larger $n$ are normalized by smaller values, and the features become more balanced, with larger values. The second idea is to give weights to the normalized features by calculating the ranks of the normalized features. By weighting features according to the ranks, we obtain more prominent features for longer patterns. Through computer simulation with a real dataset, we show the effectiveness of our scheme. |
Keyword |
(in English) |
botnet detection / machine learning / feature emphasizing |
Reference Info. |
IEICE Tech. Rep., vol. 119, no. 101, CS2019-18, pp. 31-35, July 2019. |
Paper # |
CS2019-18 |
Date of Issue |
2019-06-27 (CS) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Conference Information |
Committee |
CS |
Conference Date |
2019-07-04 - 2019-07-05 |
Place (in English) |
Amami City Social Welfare Center |
Topics (in English) |
Next Generation Networks, Access Networks, Broadband Access, Power Line Communications, Wireless Communication Systems, Coding Systems, etc. |
Paper Information |
Registration To |
CS |
Conference Code |
2019-07-CS |
Language |
English |
Title (in English) |
Traffic Feature-based Botnet Detection Scheme Emphasizing the Importance of Long Patterns |
Keyword(1) |
botnet detection |
Keyword(2) |
machine learning |
Keyword(3) |
feature emphasizing |
1st Author's Name |
Yichen An |
1st Author's Affiliation |
Keio University (Keio Univ.) |
2nd Author's Name |
Shuichiro Haruta |
2nd Author's Affiliation |
Keio University (Keio Univ.) |
3rd Author's Name |
Sanghun Choi |
3rd Author's Affiliation |
Keio University (Keio Univ.) |
4th Author's Name |
Iwao Sasase |
4th Author's Affiliation |
Keio University (Keio Univ.) |
Speaker |
Author-1 |
Date Time |
2019-07-04 09:00:00 |
Presentation Time |
15 minutes |
Registration for |
CS |
Paper # |
CS2019-18 |
Volume (vol) |
vol.119 |
Number (no) |
no.101 |
Page |
pp.31-35 |
#Pages |
5 |
Date of Issue |
2019-06-27 (CS) |
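
The two normalizations contrasted in the abstract, as an added example that is not code from the paper or its authors: it counts $n$-gram patterns over a constructed set of flows and compares normalization by the total over all patterns with normalization by the total for each $n$. The flow contents, the label alphabet and all function names are assumptions made for illustration; the rank-based weighting is not implemented because the abstract does not state its formula.

```python
from collections import Counter

# Constructed sample: one host's flows, each a short sequence of message
# labels. The label alphabet is an assumption, not taken from the paper.
FLOWS = [
    ["SYN", "ACK"],
    ["SYN", "ACK", "PSH"],
    ["SYN", "ACK", "PSH"],
    ["SYN", "ACK", "PSH", "FIN"],
    ["SYN", "RST"],
]

def ngram_counts(flows, max_n):
    """Count every n-gram pattern (as a tuple) for n = 1..max_n."""
    counts = {n: Counter() for n in range(1, max_n + 1)}
    for seq in flows:
        for n in counts:
            for i in range(len(seq) - n + 1):
                counts[n][tuple(seq[i:i + n])] += 1
    return counts

def normalize_global(counts):
    """Previous scheme: divide by the total occurrences of all patterns."""
    total = sum(sum(c.values()) for c in counts.values())
    return {p: v / total for c in counts.values() for p, v in c.items()}

def normalize_per_n(counts):
    """First idea: divide by the total occurrences within the same n."""
    features = {}
    for c in counts.values():
        total_n = sum(c.values())
        if total_n == 0:        # no flow is long enough for this n
            continue
        features.update({p: v / total_n for p, v in c.items()})
    return features

def mass_by_n(features):
    """Sum of feature values per pattern length n."""
    mass = Counter()
    for pattern, value in features.items():
        mass[len(pattern)] += value
    return dict(mass)

if __name__ == "__main__":
    counts = ngram_counts(FLOWS, max_n=5)
    print("global:", mass_by_n(normalize_global(counts)))
    print("per-n :", mass_by_n(normalize_per_n(counts)))
```

On this sample the single 4-gram carries 1/28 of the feature mass under global normalization, while under per-$n$ normalization every $n$ that occurs contributes a total of 1.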
|