Scalable P2P Botnet Detection with Threshold Setting in Hadoop Framework

Vol. 25, No. 4, pp. 807-816, Aug. 2015
DOI: 10.13089/JKIISC.2015.25.4.807
Keywords: botnets, scalability, Hadoop, unsupervised detection
Abstract

During the last decade, most coordinated security breaches have been performed by means of botnets, which are large overlay networks of compromised computers controlled by a remote botmaster. Because of the high volumes of traffic to be analyzed, the challenge lies in managing the tradeoff between system scalability and accuracy. We propose a novel Hadoop-based P2P botnet detection method that solves the scalability problem while achieving high accuracy. Moreover, our approach does not require labeled data and is applicable to encrypted traffic as well.


Cite this article
[IEEE Style]
K. Huseynov, "Scalable P2P Botnet Detection with Threshold Setting in Hadoop Framework," Journal of The Korea Institute of Information Security and Cryptology, vol. 25, no. 4, pp. 807-816, 2015. DOI: 10.13089/JKIISC.2015.25.4.807.

[ACM Style]
Khalid Huseynov. 2015. Scalable P2P Botnet Detection with Threshold Setting in Hadoop Framework. Journal of The Korea Institute of Information Security and Cryptology, 25, 4, (2015), 807-816. DOI: 10.13089/JKIISC.2015.25.4.807.