Skip to main content
Conference ProceedingsOPEN ACCESS

Botyacc: Unified P2P botnet detection using behavioural analysis and graph analysis

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2014) 8713 LNCS(PART 2) 439-456
DOI: 10.1007/978-3-319-11212-1_25
12Citations
Citations of this article
39Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

The detection and isolation of peer-to-peer botnets is an ongoing problem. We propose a novel technique for detecting P2P botnets. Detection is based on unifying behavioural analysis with structured graph analysis. First, our inference technique exploits a fundamental property of botnet design. Modern botnets use peer-to-peer communication topologies which are fundamental to botnet resilience. Second, our technique extends conventional graph-based detection by incorporating behavioural analysis into structured graph analysis, thus unifying graph-theoretic detection with behavioural detection under a single algorithmic framework. We carried out evaluation over real-world P2P botnet traffic and show that the resulting algorithm can localise the majority of bots with low false-positive rate. © 2014 Springer International Publishing Switzerland.

Author supplied keywords

Cite

CITATION STYLE

APA

Nagaraja, S. (2014). Botyacc: Unified P2P botnet detection using behavioural analysis and graph analysis. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8713 LNCS, pp. 439–456). Springer Verlag. https://doi.org/10.1007/978-3-319-11212-1_25

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free