【 摘 要 】

Botnets remain an active security problem on the Internet and various computer networks. They are continuously developing with regard to protocols, structure and quality of attacks. Many botnet detection programs are currently available, but only few can detect bots in real-time. The sooner bots are detected the lesser damage they can cause. In this paper, a novel botnet detection system, is proposed to detect peer-to-peer bots. The system consists of three-phases filtering, P2P detection and P2P botnet detection phases. For the third phase, P2P network behavior analysis is performed to detect P2P bots. Experimental results showed that the system exhibits high average true positive rate and extremely low average false positive rate during botnet detection.

【 授权许可】

CC BY   

【 预 览 】

附件列表

Files	Size	Format	View
RO201902195217505ZK.pdf	251KB	PDF	download