Title :
Supervised classification of packets coming from a HTTP botnet
Author :
Brezo, F. ; Gaviria de la Puerta, J. ; Ugarte-Pedrero, X. ; Santos, Igor ; Bringas, Pablo G. ; Barroso, D.
Author_Institution :
DeustoTech Comput., Univ. de Deusto, Deusto, Spain
Abstract :
The possibilities offered by the management of a vast number of computers and/or networks are attracting an increasing number of malware writers. In this document, the authors propose a methodology designed to detect malicious botnet traffic, based on the analysis of the packet flow circulating in the network. This objective is achieved by parametrizing the static characteristics of packets, which are later analysed using supervised machine learning techniques focused on traffic labelling, so as to deal proactively with the huge volume of information that filters currently work with.
Keywords :
computer network management; computer network security; information filters; invasive software; learning (artificial intelligence); pattern classification; telecommunication traffic; transport protocols; HTTP botnet; computer network management; information filters; malicious botnet traffic detection; packet flow analysis; packet static characteristics parametrization; supervised machine learning techniques; supervised packet classification; traffic labelling; Electronic mail; IP networks; Irrigation; Machine learning; Malware; Monitoring; Silicon compounds; Botnet; Detection; Machine Learning; Packets; Supervised;
Conference_Title :
Informatica (CLEI), 2012 XXXVIII Conferencia Latinoamericana En
Conference_Location :
Medellin
Print_ISBN :
978-1-4673-0794-9
DOI :
10.1109/CLEI.2012.6427168