Reference : BotGM: Unsupervised Graph Mining to Detect Botnets in Traffic Flows
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/36519
BotGM: Unsupervised Graph Mining to Detect Botnets in Traffic Flows
English
Lagraa, Sofiane [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
François, Jérôme [Inria Nancy - Grand Est]
Lahmadi, Abdelkader [University of Lorraine]
Minier, Marine [University of Lorraine]
Hammerschmidt, Christian [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
State, Radu [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)]
2017
CSNet 2017 Conference Proceedings
Yes
International
1st Cyber Security in Networking Conference
from 18-10-2017 to 20-10-2017
Rio de Janeiro
Brazil
[en] big data ; computer network security ; dependency graph ; botnet detection ; anomaly detection ; NetFlow ; statistical analysis
[en] Botnets are one of the most dangerous and serious cybersecurity threats since they are a major vector of large-scale attack campaigns such as phishing, distributed denial-of-service (DDoS) attacks, trojans, spam, etc. A large body of research has been accomplished on botnet detection, but recent security incidents show that there are still several challenges remaining to be addressed, such as the ability to develop detectors which can cope with new types of botnets. In this paper, we propose BotGM, a new approach to detect botnet activities based on behavioral analysis of network traffic flow. BotGM identifies network traffic behavior using graph-based mining techniques to detect botnet behaviors and model the dependencies among flows to trace back the root causes. We applied BotGM on a publicly available large dataset of botnet network flows, where it detects various botnet behaviors with high accuracy without any prior knowledge of them.

File(s) associated to this reference

Fulltext file(s):

Limited access
File | Commentary | Version | Size | Access
botgm-csnet.pdf | | Author postprint | 412.43 kB | Request a copy

All documents in ORBilu are protected by a user license.