research-article

Botnet traffic detection using hidden Markov models

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence ResearchOctober 2011Article No.: 31Pages 1https://doi.org/10.1145/2179298.2179332

Published:12 October 2011Publication History

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research

Pages 1

References

CIA Confirms Cyber Attack Caused Multi-City Power Outage. http://www.secureworks.com/research/ blog/research/21003/.Google Scholar
Electricity Grid in U.S. Penetrated By Spies. http://online.wsj.com/article/ SB123914805204099085.html.Google Scholar
Hackers Target Energy Industry. http://articles. latimes.com/2002/jul/08/science/sci-hackers8.Google Scholar
Siemens: Stuxnet worm hit industrial systems. http://www.computerworld.com/s/article/print/ 9185419/Siemens_Stuxnet_worm_hit_industrial_ systems?taxonomyName=Network+ Security&taxonomyId=142.Google Scholar
The risks to "SCADA" systems from Hackers. http://www.cip.ukcentre.com/security%202.htm.Google Scholar
UAB computer forensics links internet postcards to virus. http://www.hindu.com/thehindu/holnus/ 008200907271321.htm.Google Scholar
Zeus Tracker. https://zeustracker.abuse.ch.Google Scholar
H. Bhanu. Timing Side-Channel Attacks On SSH. Master's thesis, Clemson University.Google Scholar
R. Brooks, J. Schwier, and C. Griffin. Behavior detection using confidence intervals of hidden markov models. IEEE Trans. on Systems, Man, and Cybernetics, part B, 39(6):1484-1492, December 2009. Google ScholarDigital Library
R. M. Craven. Traffic Analysis of Anonymity Systems. Master's thesis, Clemson University.Google Scholar
Y. Lu, J. Schwier, R. Craven, R. Brooks, and C. Griffin. Inferring statistically significant hidden markov models. 2011.Google Scholar
K. Pulasinghe, K. Watanabe, K. Izumi, and K. Kiguchi. Modular fuzzy-neuro controller driven by spoken language commands. IEEE Trans. on Systems, Man, and Cybernetics, part B, 34(1):293-302, Feburary 2004. Google ScholarDigital Library
L. R. Rabiner. A tutorial on hidden markov models and selected applications in speech recognition. In Proceedings of the IEEE, volume 77, pages 257-286, Feburary 1989.Google ScholarCross Ref
J. M. Schwier, R. R. Brooks, C. Griffin, and S. Bukkapatnam. Zero knowledge hidden markov model inference. Pattern Recognition Letters, 30(14):1273-1280, 2009. Google ScholarDigital Library
C. Shalizi and J. Crutchfield. Computational Mechanics: Patterns and Prediction, Structure and Simplicity. Technical report, Santa Fe Institute, 2001.Google Scholar
C. Shalizi, K. Shalizi, and J. Crutchfield. An algorithm for pattern discovery in time series. arXiv:cs.LG/0210025 v3, November 2002.Google Scholar
B. K. Sin, J. Y. Ha, S. C. Oh, and J. H. Kim. Network-based approach to online cursive script recognition. IEEE Trans. on Systems, Man, and Cybernetics, part B, 29(2):321-328, April 1999. Google ScholarDigital Library
T. Starner and A. Pentland. Visual recognition of american sign language using hidden markov models. Perceptual Computing Section, the Media Laboratory, Massachusetts Institute of Technology, Tech. Rep., 1995.Google Scholar
Y. Wang, D. Ruan, J. Xu, M. Wen, and L. Deng. Computational intelligence algorithms analysis for smart grid cyber security. In Advances in Swarm Intelligence. SPRINGER. Google ScholarDigital Library
L. Wei, T. Mahbod, and A. A. Ghorbani. Automatic discovery of botnet communities on large-scale communication networks. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS '09, pages 1-10, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
C. Wilson. Botnets, cybercrime, and cyberterrorism: Vulnerabilities and policy issues for congress. CRS Report for Congress, 2009.Google Scholar

Botnet traffic detection using hidden Markov models
1. Social and professional topics
  1. Computing / technology policy

Recommendations

P2P hierarchical botnet traffic detection using hidden Markov models
LASER '12: Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results

Botnets are a major source of spam, distributed denial-of-service attacks (DDoS) and other cybercrime [21]. Compromised computers are usually controlled by a centralized Command and Control (C&C) server. Hidden Markov models (HMMs) have been used ...
Read More
Masquerade detection using profile hidden Markov models

In this paper, we consider the problem of masquerade detection, based on user-issued UNIX commands. We present a novel detection technique based on profile hidden Markov models (PHMMs). For comparison purposes, we implement an existing modeling ...
Read More
HTTP botnet detection using hidden semi-Markov model with SNMP MIB variables

Botnet has become a prevalent platform for many malicious attacks and hence it is considered as a serious threat to internet security. A botmaster can control millions of compromised systems using command & control C&C infrastructure. At early time IRC ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
October 2011
18 pages
ISBN:9781450309455
DOI:10.1145/2179298
Editors:
Frederick T. Sheldon,
Robert Abercrombie,
Axel Krings
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 12 October 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 17
  Total Citations
  View Citations
- 499
  Total Downloads
- Downloads (Last 12 months)19
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Botnet traffic detection using hidden Markov models

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research

References

Cited By

Recommendations

P2P hierarchical botnet traffic detection using hidden Markov models

Masquerade detection using profile hidden Markov models

HTTP botnet detection using hidden semi-Markov model with SNMP MIB variables

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Botnet traffic detection using hidden Markov models

CSIIRW '11: Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research

References

Cited By

Recommendations

P2P hierarchical botnet traffic detection using hidden Markov models

Masquerade detection using profile hidden Markov models

HTTP botnet detection using hidden semi-Markov model with SNMP MIB variables

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media