Detecting Botnet Traffic from a Single Host

The result's identifiers

  • Result code in IS VaVaI

    RIV/68407700:21230/14:00226434 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F14%3A00226434)

  • Result on the web

    http://www.igi-global.com/chapter/detecting-botnet-traffic-from-a-single-host/123544

  • DOI - Digital Object Identifier

    10.4018/978-1-4666-7381-6.ch019 (http://dx.doi.org/10.4018/978-1-4666-7381-6.ch019)

Alternative languages

  • Result language

    English

  • Original language name

    Detecting Botnet Traffic from a Single Host

  • Original language description

    The detection of bots and botnets in the network may be improved if the analysis is done on the traffic of one bot alone. While a botnet may be detected by correlating the behavior of several bots in a large amount of traffic, one bot alone can be detected by analyzing its unique trends in less traffic. The algorithms to differentiate the traffic of one bot from the normal traffic of one computer may take advantage of these differences. The authors propose to detect bots in the network by analyzing the relationships between flow features in a time window. The technique is based on the Expectation-Maximization clustering algorithm. To verify the method they designed test-beds and obtained a dataset of six different captures. The results are encouraging, showing a true positive error rate of 99.08% with a false positive error rate of 0.7%.

  • Czech name

  • Czech description

Classification

  • Type

    O - Miscellaneous

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

  • Continuities

    I - Institutional support for the long-term conceptual development of a research organization

Others

  • Publication year

    2014

  • Confidentiality

    S - Complete and truthful data on the project are not subject to protection under special legal regulations