All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”

Botnet Behavior Detection using Network Synchronism

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F11%3A00360842" target="_blank" >RIV/68407700:21230/11:00360842 - isvavai.cz</a>

  • Result on the web

    <a href="https://doi.org/10.4018/978-1-60960-836-1.ch005" target="_blank" >https://doi.org/10.4018/978-1-60960-836-1.ch005</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.4018/978-1-60960-836-1.ch005" target="_blank" >10.4018/978-1-60960-836-1.ch005</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Botnet Behavior Detection using Network Synchronism

  • Original language description

    Botnets’ diversity and dynamism challenge detection and classification algorithms depend heavily on static or protocol-dependant features. Several methods showing promising results were proposed using behavioral-based approaches. The authors conducted an analysis of botnets’ and bots’ most inherent characteristics such as synchronism and network load within specific time windows to detect them more efficiently. By not relying on any specific protocol, our proposed approach detects infected computers by clustering bots’ network behavioral characteristics using the Expectation-Maximization algorithm. An encouraging false positive error rate of 0.7% shows that bots’ traffic can be accurately separated by our approach by analyzing several bots and non-botnet network captures and applying a detailed analysis of error rates.

  • Czech name

  • Czech description

Classification

  • Type

    C - Chapter in a specialist book

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

  • Continuities

    I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Others

  • Publication year

    2011

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Book/collection name

    Privacy, Intrusion Detection and Response: Technologies for Protecting Networks

  • ISBN

    9781609608361

  • Number of pages of the result

    23

  • Pages from-to

    1-23

  • Number of pages of the book

    468

  • Publisher name

    IGI Global

  • Place of publication

    Hershey, Pennsylvania

  • UT code for WoS chapter