A Reliable & Scalable Frame Work for HTTP BotNet Detection

International Journal of Computer Trends and Technology (IJCTT)          
 
© 2017 by IJCTT Journal
Volume-54 Number-1
Year of Publication : 2017
Authors : Dr.R.Kannan, Mrs.Poongodi
DOI :  10.14445/22312803/IJCTT-V54P105

MLA

Dr.R.Kannan, Mrs.Poongodi "A Reliable & Scalable Frame Work for HTTP BotNet Detection". International Journal of Computer Trends and Technology (IJCTT) V53(1):19-23, December 2017. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract
The growing number of internet-based applications, and of smartphones and mobile computing devices that connect to such applications, has increased the use of internet technology. Growing network capabilities enable distribution and resource sharing even among cross-platform devices. Parallel processing makes it possible to use the resources of more than one machine. Exploiting these developments and this computational freedom, attackers use botnets for various tasks, including data theft, denial of service, and other illegal activities. Detecting botnets amid regular network activity involves distinguishing regular traffic from botnet activity. Because botnets are resilient, their activity cannot be predicted at regular time intervals and may resume at any time. This paper aims to classify botnet patterns and to mitigate the effects of botnets through the proposed detection and prevention framework. The framework classifies malicious activity using information mining methods to distinguish internet traffic from malicious traffic; once the traffic patterns are identified, future patterns can be identified to remove botnets from the network.

Keywords
Botnet, SVM hyperplane, Clustering, BDoS, IRC and C&C.