Botnet detection
In this paper, we address the problem of botnet detection by correlating information from trusted hosts and network. Botnets are groups of compromised computers controlled by a botmaster through a command and control (C&C) channel. They are noted as one of the foremost security threats causing la...
| Main Author: | Al Ebri, Noura |
|---|---|
| Other Authors: | Otrok, Hadi; Mourad, Azzam; Al-Hammadi, Yousof |
| Format: | conferenceObject |
| Published: | 2017 |
| Online Access: | http://hdl.handle.net/10725/5351 http://dx.doi.org/10.1109/ICCITechnology.2013.6579517 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6579517/ |
| _version_ | 1864513465823002624 |
|---|---|
| author | Al Ebri, Noura |
| author2 | Otrok, Hadi; Mourad, Azzam; Al-Hammadi, Yousof |
| author2_role | author author author |
| author_facet | Al Ebri, Noura; Otrok, Hadi; Mourad, Azzam; Al-Hammadi, Yousof |
| author_role | author |
| dc.creator.none.fl_str_mv | Al Ebri, Noura; Otrok, Hadi; Mourad, Azzam; Al-Hammadi, Yousof |
| dc.date.none.fl_str_mv | 2017-03-10T08:44:44Z 2017-03-10T08:44:44Z 2017-03-10 |
| dc.identifier.none.fl_str_mv | 9781467353076 http://hdl.handle.net/10725/5351 http://dx.doi.org/10.1109/ICCITechnology.2013.6579517 Al Ebri, N., Otrok, H., Mourad, A., & Al-Hammadi, Y. (2013, June). Botnet detection: A cooperative game theoretical correlation-based model. In Communications and Information Technology (ICCIT), 2013 Third International Conference on (pp. 28-32). IEEE. http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6579517/ |
| dc.language.none.fl_str_mv | en |
| dc.publisher.none.fl_str_mv | IEEE |
| dc.rights.*.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.title.none.fl_str_mv | Botnet detection a cooperative game theoretical correlation-based model |
| dc.type.none.fl_str_mv | Conference Paper / Proceeding info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/conferenceObject |
| description | In this paper, we address the problem of botnet detection by correlating information from trusted hosts and network. Botnets are groups of compromised computers controlled by a botmaster through a command and control (C&C) channel. They are noted as one of the foremost security threats, causing large-scale attacks such as Distributed Denial of Service (DDoS), spam, mass identity theft and click fraud. Various approaches are used to detect botnets, and they range from network to host level detection. To enhance the detection rate, a correlation-based model was proposed that combines both host and network level information. Such a model is valid in a network made of trusted hosts. The emergence of smartphones, with the capability of mobility and of being hosts in different networks, opens the door to having untrusted hosts that can reveal fake information. As a solution, we propose a trust-based model that uses cooperative game theory to cluster trusted hosts. The trust is built using the reputation value, and it is computed using the hosts' marginal contribution, which is derived from the Shapley value. Simulation results show that our model improves the detection score compared to the traditional correlation model. In one of the simulated scenarios, we are able to detect a benign cluster of hosts faster than the traditional correlation model. |
| eu_rights_str_mv | openAccess |
| format | conferenceObject |
| id | LAURepo_00745b81437e12c7e7b045c0e2fd63ee |
| identifier_str_mv | 9781467353076 Al Ebri, N., Otrok, H., Mourad, A., & Al-Hammadi, Y. (2013, June). Botnet detection: A cooperative game theoretical correlation-based model. In Communications and Information Technology (ICCIT), 2013 Third International Conference on (pp. 28-32). IEEE. |
| language_invalid_str_mv | en |
| network_acronym_str | LAURepo |
| network_name_str | Lebanese American University repository |
| oai_identifier_str | oai:laur.lau.edu.lb:10725/5351 |
| publishDate | 2017 |
| publisher.none.fl_str_mv | IEEE |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spellingShingle | Botnet detection Al Ebri, Noura |
| status_str | publishedVersion |
| title | Botnet detection |
| title_full | Botnet detection |
| title_fullStr | Botnet detection |
| title_full_unstemmed | Botnet detection |
| title_short | Botnet detection |
| title_sort | Botnet detection |
| url | http://hdl.handle.net/10725/5351 http://dx.doi.org/10.1109/ICCITechnology.2013.6579517 http://libraries.lau.edu.lb/research/laur/terms-of-use/articles.php http://ieeexplore.ieee.org/abstract/document/6579517/ |