Mining botnet coordinated attacks using Apriori-Prefixspan hybrid algorithm

Abstract

This paper aims to detect features of coordinated attacks by applying data mining techniques, namely Apriori with PrefixSpan, to the CCC DATAset 2008-2010, which comprises captured packet data and downloading logs. Data mining algorithms enable us to automate the detection of characteristics in large amounts of data, which conventional heuristics cannot deal with. Apriori achieves a high recall but with false positives, whereas PrefixSpan has high precision but low recall. We therefore propose a hybrid of these two algorithms. Our analysis shows a change in the behavior of malware over the past three years. © 2013 Information Processing Society of Japan.

Cite

Ohrui, M., Kikuchi, H., Rosyid, N. R., & Terada, M. (2013). Mining botnet coordinated attacks using Apriori-Prefixspan hybrid algorithm. Journal of Information Processing, 21(4), 607–616. https://doi.org/10.2197/ipsjjip.21.607
