Article Details ::
Article Name : DETECTION OF ENCRYPTED BOTNETS
Author Name : Andrea Noreen D'silva, Vidyarani H. J.
Publisher : Ashok Yakkaldevi
Article Series No. : ROR-1526
Abstract : In recent years, botnets are one of the major threats to network security. Many approaches have been proposed to detect botnets by comparing bot features. Usually, these approaches adopt a traffic reduction strategy as a first step, filtering packets to reduce the flow passed to the following strategies. Botnets have started using information obfuscation techniques, including encryption, to evade detection. In order to detect encrypted botnet traffic, in this paper we treat the detection of encrypted botnet traffic among normal network traffic as a traffic classification problem. After analyzing the features of encrypted botnet traffic, we propose a novel meta-level classification algorithm based on content features and flow features of traffic. The content features consist of information entropy and byte frequency distribution, and the flow features consist of port number, payload length and protocol type of the application layer. Then we use Naive Bayes classification algorithms to detect botnet traffic.
Keywords : Machine learning Classification