In this paper, we propose a systematic approach to generate botnet traffic. Given the lack of benchmarking botnet traffic data, we anticipate that such an endeavour will be beneficial to the research community. To this end, we employ the proposed approach to generate the communication phase of the Zeus and Citadel botnet traffic as a case study. We evaluate the characteristics of the generated data against the characteristics of a sandbox Zeus botnet, as well as the Zeus and Citadel botnet captures in the wild provided by NETRESEC and Snort. Our analysis confirms that the generated data is comparable to the data captured in the wild.
Citation
Haddadi, F., & Zincir-Heywood, A. N. (2015). Data confirmation for botnet traffic analysis. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 8930, 329–336. https://doi.org/10.1007/978-3-319-17040-4_21