The aim of this paper is to present the concept of a botnet detection method based on network flow clustering. There are many botnet implementations and many methods for detecting them. Usually those methods are effective only for specific groups of botnets, for example those that use the IRC, HTML or P2P protocol for internal communication. The method presented below, called BotTROP, is a concept for detecting different kinds of botnets based on their synchronous activity.
CITATION STYLE
Ostap, H., & Antkiewicz, R. (2017). A concept of clustering-based method for botnet detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10446 LNCS, pp. 223–234). Springer Verlag. https://doi.org/10.1007/978-3-319-65127-9_18