A discovery of sequential attack patterns of malware in botnets

  • Rosyid N
  • Ohrui M
  • Kikuchi H
 et al. 
  • 16


    Mendeley users who have this article in their library.
  • 9


    Citations of this article.


More than 90 independent honeypots have observed malware traffic at the Japanese tier-1 backbone. Typical attacks were made by mUltiple servers, coordinating to send many kinds of malware. This paper aims to discover some frequent new sequential attack patterns of mal ware. It is not easy to identify particular patterns logs of one year because the volume of dataset is too large to investigate one by one. To overcome the problem, this paper proposes data mining algorithm, the PrejixSpan method. We implement the PrejixSpan algorithm to analyze the malware footprints and show the experimental result. The result of analysis shows that the attacks are performed by multiple sequential attack patterns within a short amount of time.

Author-supplied keywords

  • Botnets
  • Coordinated attack
  • Malware
  • PrefixSpan
  • Sequential pattern

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Nur Rohman Rosyid

  • Masayuki Ohrui

  • Hiroaki Kikuchi

  • Pitikhate Sooraksa

  • Masato Terada

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free