Paper published in a book (Scientific congresses, symposiums and conference proceedings)
BotGM: Unsupervised Graph Mining to Detect Botnets in Traffic Flows
Lagraa, Sofiane; François, Jérôme; Lahmadi, Abdelkader et al.
2017, in CSNet 2017 Conference Proceedings
Peer reviewed
 

Files


Full Text
botgm-csnet.pdf
Author postprint (422.33 kB)
Details



Keywords :
big data; computer network security; dependency graph; botnet detection; anomaly detection; NetFlow; statistical analysis
Abstract :
Botnets are one of the most dangerous and serious cybersecurity threats since they are a major vector of large-scale attack campaigns such as phishing, distributed denial-of-service (DDoS) attacks, trojans, spam, etc. A large body of research has been accomplished on botnet detection, but recent security incidents show that there are still several challenges remaining to be addressed, such as the ability to develop detectors which can cope with new types of botnets. In this paper, we propose BotGM, a new approach to detect botnet activities based on behavioral analysis of network traffic flow. BotGM identifies network traffic behavior using graph-based mining techniques to detect botnet behaviors and model the dependencies among flows to then trace back the root causes. We applied BotGM on a publicly available large dataset of botnet network flows, where it detects various botnet behaviors with a high accuracy without any prior knowledge of them.
Disciplines :
Computer science
Author, co-author :
Lagraa, Sofiane; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
François, Jérôme; Inria Nancy - Grand Est
Lahmadi, Abdelkader; University of Lorraine
Minier, Marine; University of Lorraine
Hammerschmidt, Christian; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
State, Radu; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
BotGM: Unsupervised Graph Mining to Detect Botnets in Traffic Flows
Publication date :
2017
Event name :
1st Cyber Security in Networking Conference
Event place :
Rio de Janeiro, Brazil
Event date :
from 18-10-2017 to 20-10-2017
Audience :
International
Main work title :
CSNet 2017 Conference Proceedings
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
Available on ORBilu :
since 03 September 2018

Statistics


Number of views
108 (2 by Unilu)
Number of downloads
2 (0 by Unilu)

Scopus citations®
28
Scopus citations® without self-citations
26
WoS citations
19
