
Self-adaptive System for the Corporate Area Network Resilience in the Presence of Botnet Cyberattacks

  • Conference paper
  • In: Computer Networks (CN 2018)
  • Part of the book series: Communications in Computer and Information Science (CCIS, volume 860)
Abstract

The paper presents a self-adaptive system that keeps corporate area networks resilient in the presence of botnet cyberattacks. Resilience is ensured by adaptive reconfiguration of the network. The reconfiguration is carried out according to security scenarios, which are adopted on the basis of cluster analysis of gathered Internet traffic features inherent to cyberattacks. To choose the needed security scenarios, the proposed method uses semi-supervised fuzzy c-means clustering. The objects of clustering are feature vectors whose elements may indicate the appearance of cyber threats in the corporate area networks. The purpose of the technique is to choose security scenarios that match the cyberattacks performed by botnets, in order to mitigate the attacks and keep the network functioning resiliently.



Acknowledgments

We thank the Khmelnytskyi National University for providing access to the local network during the performance of the experimental research.

Corresponding author

Correspondence to Sergii Lysenko.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

Cite this paper

Lysenko, S., Savenko, O., Bobrovnikova, K., Kryshchuk, A. (2018). Self-adaptive System for the Corporate Area Network Resilience in the Presence of Botnet Cyberattacks. In: Gaj, P., Sawicki, M., Suchacka, G., Kwiecień, A. (eds) Computer Networks. CN 2018. Communications in Computer and Information Science, vol 860. Springer, Cham. https://doi.org/10.1007/978-3-319-92459-5_31

  • DOI: https://doi.org/10.1007/978-3-319-92459-5_31

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-92458-8

  • Online ISBN: 978-3-319-92459-5

  • eBook Packages: Computer Science, Computer Science (R0)
