A Novel Traffic Analysis Model for Botnet Discovery in Dynamic Network

  • Research Article - Computer Engineering and Computer Science
Arabian Journal for Science and Engineering

Abstract

In this paper, we propose a collaborative pattern-based filtering algorithm, a behavior-based approach that detects bots using case-based reasoning together with fuzzy pattern recognition techniques. Network traces serve as the pivotal element for inspecting bot-relevant domain names and IP addresses. Specifically, the method extracts features from the traces and performs case-based reasoning on those features along with the IP address. If the address is known, it is classified as a known bot; if it is unknown, fuzzy-based mapping is performed to detect the botnet. The proposed approach reduces the search time and enhances the prediction accuracy up to 96%, and it is also observed to improve the knowledge repository.

Corresponding author

Correspondence to P. Panimalar.

Cite this article

Panimalar, P., Rameshkumar, K. A Novel Traffic Analysis Model for Botnet Discovery in Dynamic Network. Arab J Sci Eng 44, 3033–3042 (2019). https://doi.org/10.1007/s13369-018-3319-7

  • DOI: https://doi.org/10.1007/s13369-018-3319-7
