Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection

Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection

As computer and network technologies evolve, the complexity of cybersecurity has dramatically increased. Advanced cyber threats have led to current approaches to cyber-attack detection becoming ineffective. Many currently used computer systems and applications have never been deeply tested from a cy...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Security and communication networks 2017-01, Vol.2017 (2017), p.1-10
Hauptverfasser: Kozik, Rafał, Choraś, Michał
Format: Artikel
Sprache:eng
Schlagworte:
Algorithms
Anomalies
Batch processing
Behavior
Big Data
Communication
Communications traffic
Computer architecture
Cybersecurity
Data mining
Data processing
Datasets
Machine learning
Malware
R&D
Research & development
Software
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 10
container_issue 2017
container_start_page 1
container_title Security and communication networks
container_volume 2017
creator Kozik, Rafał
Choraś, Michał
description As computer and network technologies evolve, the complexity of cybersecurity has dramatically increased. Advanced cyber threats have led to current approaches to cyber-attack detection becoming ineffective. Many currently used computer systems and applications have never been deeply tested from a cybersecurity point of view and are an easy target for cyber criminals. The paradigm of security by design is still more of a wish than a reality, especially in the context of constantly evolving systems. On the other hand, protection technologies have also improved. Recently, Big Data technologies have given network administrators a wide spectrum of tools to combat cyber threats. In this paper, we present an innovative system for network traffic analysis and anomalies detection to utilise these tools. The systems architecture is based on a Big Data processing framework, data mining, and innovative machine learning techniques. So far, the proposed system implements pattern extraction strategies that leverage batch processing methods. As a use case we consider the problem of botnet detection by means of data in the form of NetFlows. Results are promising and show that the proposed system can be a useful tool to improve cybersecurity.
doi_str_mv 10.1155/2017/6047053
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2455788645</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2455788645</sourcerecordid><originalsourceid>FETCH-LOGICAL-c360t-ae5d28f8231a1a36506256463a31a8eef87bf45fe0fd03661babb2db179df7663</originalsourceid><addsrcrecordid>eNqF0E1PAjEQBuDGaCKiN8-miUdd7XeXIyD4EaIe9Nx02aksgS22RfTfu7hEj55mMnlmJnkROqXkilIprxmh-loRoYnke6hDe7yXEcrY_m9PxSE6inFOiKJCiw56eLYpQajx6DMFO02Vr3F_8eZDlWZL7HzAj5DGC7_JBjZCiQc-1ZBwv5EfVaog4htI8LN3jA6cXUQ42dUueh2PXoZ32eTp9n7Yn2RTrkjKLMiS5S5nnFpquZJEMamE4rYZ5AAu14UT0gFxJeFK0cIWBSsLqnul00rxLjpv766Cf19DTGbu16FuXhompNR5roRs1GWrpsHHGMCZVaiWNnwZSsw2LbNNy-zSavhFy2dVXdpN9Z8-azU0Bpz904xwQiX_BvlHcrw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2455788645</pqid></control><display><type>article</type><title>Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection</title><source>Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals</source><source>Wiley-Blackwell Open Access Titles</source><creator>Kozik, Rafał ; Choraś, Michał</creator><contributor>García-Teodoro, Pedro ; Pedro García-Teodoro</contributor><creatorcontrib>Kozik, Rafał ; Choraś, Michał ; García-Teodoro, Pedro ; Pedro García-Teodoro</creatorcontrib><description>As computer and network technologies evolve, the complexity of cybersecurity has dramatically increased. Advanced cyber threats have led to current approaches to cyber-attack detection becoming ineffective. Many currently used computer systems and applications have never been deeply tested from a cybersecurity point of view and are an easy target for cyber criminals. The paradigm of security by design is still more of a wish than a reality, especially in the context of constantly evolving systems. On the other hand, protection technologies have also improved. Recently, Big Data technologies have given network administrators a wide spectrum of tools to combat cyber threats. In this paper, we present an innovative system for network traffic analysis and anomalies detection to utilise these tools. The systems architecture is based on a Big Data processing framework, data mining, and innovative machine learning techniques. So far, the proposed system implements pattern extraction strategies that leverage batch processing methods. As a use case we consider the problem of botnet detection by means of data in the form of NetFlows. Results are promising and show that the proposed system can be a useful tool to improve cybersecurity.</description><identifier>ISSN: 1939-0114</identifier><identifier>EISSN: 1939-0122</identifier><identifier>DOI: 10.1155/2017/6047053</identifier><language>eng</language><publisher>Cairo, Egypt: Hindawi Publishing Corporation</publisher><subject>Algorithms ; Anomalies ; Batch processing ; Behavior ; Big Data ; Communication ; Communications traffic ; Computer architecture ; Cybersecurity ; Data mining ; Data processing ; Datasets ; Machine learning ; Malware ; R&amp;D ; Research &amp; development ; Software</subject><ispartof>Security and communication networks, 2017-01, Vol.2017 (2017), p.1-10</ispartof><rights>Copyright © 2017 Rafał Kozik and Michał Choraś.</rights><rights>Copyright © 2017 Rafał Kozik and Michał Choraś. This is an open access article distributed under the Creative Commons Attribution License (the “License”), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License. https://creativecommons.org/licenses/by/4.0</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c360t-ae5d28f8231a1a36506256463a31a8eef87bf45fe0fd03661babb2db179df7663</citedby><cites>FETCH-LOGICAL-c360t-ae5d28f8231a1a36506256463a31a8eef87bf45fe0fd03661babb2db179df7663</cites><orcidid>0000-0001-7122-3306</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><contributor>García-Teodoro, Pedro</contributor><contributor>Pedro García-Teodoro</contributor><creatorcontrib>Kozik, Rafał</creatorcontrib><creatorcontrib>Choraś, Michał</creatorcontrib><title>Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection</title><title>Security and communication networks</title><description>As computer and network technologies evolve, the complexity of cybersecurity has dramatically increased. Advanced cyber threats have led to current approaches to cyber-attack detection becoming ineffective. Many currently used computer systems and applications have never been deeply tested from a cybersecurity point of view and are an easy target for cyber criminals. The paradigm of security by design is still more of a wish than a reality, especially in the context of constantly evolving systems. On the other hand, protection technologies have also improved. Recently, Big Data technologies have given network administrators a wide spectrum of tools to combat cyber threats. In this paper, we present an innovative system for network traffic analysis and anomalies detection to utilise these tools. The systems architecture is based on a Big Data processing framework, data mining, and innovative machine learning techniques. So far, the proposed system implements pattern extraction strategies that leverage batch processing methods. As a use case we consider the problem of botnet detection by means of data in the form of NetFlows. Results are promising and show that the proposed system can be a useful tool to improve cybersecurity.</description><subject>Algorithms</subject><subject>Anomalies</subject><subject>Batch processing</subject><subject>Behavior</subject><subject>Big Data</subject><subject>Communication</subject><subject>Communications traffic</subject><subject>Computer architecture</subject><subject>Cybersecurity</subject><subject>Data mining</subject><subject>Data processing</subject><subject>Datasets</subject><subject>Machine learning</subject><subject>Malware</subject><subject>R&amp;D</subject><subject>Research &amp; development</subject><subject>Software</subject><issn>1939-0114</issn><issn>1939-0122</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><sourceid>RHX</sourceid><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GNUQQ</sourceid><recordid>eNqF0E1PAjEQBuDGaCKiN8-miUdd7XeXIyD4EaIe9Nx02aksgS22RfTfu7hEj55mMnlmJnkROqXkilIprxmh-loRoYnke6hDe7yXEcrY_m9PxSE6inFOiKJCiw56eLYpQajx6DMFO02Vr3F_8eZDlWZL7HzAj5DGC7_JBjZCiQc-1ZBwv5EfVaog4htI8LN3jA6cXUQ42dUueh2PXoZ32eTp9n7Yn2RTrkjKLMiS5S5nnFpquZJEMamE4rYZ5AAu14UT0gFxJeFK0cIWBSsLqnul00rxLjpv766Cf19DTGbu16FuXhompNR5roRs1GWrpsHHGMCZVaiWNnwZSsw2LbNNy-zSavhFy2dVXdpN9Z8-azU0Bpz904xwQiX_BvlHcrw</recordid><startdate>20170101</startdate><enddate>20170101</enddate><creator>Kozik, Rafał</creator><creator>Choraś, Michał</creator><general>Hindawi Publishing Corporation</general><general>Hindawi</general><general>Hindawi Limited</general><scope>ADJCN</scope><scope>AHFXO</scope><scope>RHU</scope><scope>RHW</scope><scope>RHX</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0001-7122-3306</orcidid></search><sort><creationdate>20170101</creationdate><title>Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection</title><author>Kozik, Rafał ; Choraś, Michał</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c360t-ae5d28f8231a1a36506256463a31a8eef87bf45fe0fd03661babb2db179df7663</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Algorithms</topic><topic>Anomalies</topic><topic>Batch processing</topic><topic>Behavior</topic><topic>Big Data</topic><topic>Communication</topic><topic>Communications traffic</topic><topic>Computer architecture</topic><topic>Cybersecurity</topic><topic>Data mining</topic><topic>Data processing</topic><topic>Datasets</topic><topic>Machine learning</topic><topic>Malware</topic><topic>R&amp;D</topic><topic>Research &amp; development</topic><topic>Software</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kozik, Rafał</creatorcontrib><creatorcontrib>Choraś, Michał</creatorcontrib><collection>الدوريات العلمية والإحصائية - e-Marefa Academic and Statistical Periodicals</collection><collection>معرفة - المحتوى العربي الأكاديمي المتكامل - e-Marefa Academic Complete</collection><collection>Hindawi Publishing Complete</collection><collection>Hindawi Publishing Subscription Journals</collection><collection>Hindawi Publishing Open Access Journals</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies &amp; Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Advanced Technologies &amp; Aerospace Database</collection><collection>ProQuest Advanced Technologies &amp; Aerospace Collection</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Security and communication networks</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kozik, Rafał</au><au>Choraś, Michał</au><au>García-Teodoro, Pedro</au><au>Pedro García-Teodoro</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection</atitle><jtitle>Security and communication networks</jtitle><date>2017-01-01</date><risdate>2017</risdate><volume>2017</volume><issue>2017</issue><spage>1</spage><epage>10</epage><pages>1-10</pages><issn>1939-0114</issn><eissn>1939-0122</eissn><abstract>As computer and network technologies evolve, the complexity of cybersecurity has dramatically increased. Advanced cyber threats have led to current approaches to cyber-attack detection becoming ineffective. Many currently used computer systems and applications have never been deeply tested from a cybersecurity point of view and are an easy target for cyber criminals. The paradigm of security by design is still more of a wish than a reality, especially in the context of constantly evolving systems. On the other hand, protection technologies have also improved. Recently, Big Data technologies have given network administrators a wide spectrum of tools to combat cyber threats. In this paper, we present an innovative system for network traffic analysis and anomalies detection to utilise these tools. The systems architecture is based on a Big Data processing framework, data mining, and innovative machine learning techniques. So far, the proposed system implements pattern extraction strategies that leverage batch processing methods. As a use case we consider the problem of botnet detection by means of data in the form of NetFlows. Results are promising and show that the proposed system can be a useful tool to improve cybersecurity.</abstract><cop>Cairo, Egypt</cop><pub>Hindawi Publishing Corporation</pub><doi>10.1155/2017/6047053</doi><tpages>10</tpages><orcidid>https://orcid.org/0000-0001-7122-3306</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1939-0114
ispartof Security and communication networks, 2017-01, Vol.2017 (2017), p.1-10
issn 1939-0114
1939-0122
language eng
recordid cdi_proquest_journals_2455788645
source Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals; Wiley-Blackwell Open Access Titles
subjects Algorithms
Anomalies
Batch processing
Behavior
Big Data
Communication
Communications traffic
Computer architecture
Cybersecurity
Data mining
Data processing
Datasets
Machine learning
Malware
R&D
Research & development
Software
title Pattern Extraction Algorithm for NetFlow-Based Botnet Activities Detection
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-04T17%3A51%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Pattern%20Extraction%20Algorithm%20for%20NetFlow-Based%20Botnet%20Activities%20Detection&rft.jtitle=Security%20and%20communication%20networks&rft.au=Kozik,%20Rafa%C5%82&rft.date=2017-01-01&rft.volume=2017&rft.issue=2017&rft.spage=1&rft.epage=10&rft.pages=1-10&rft.issn=1939-0114&rft.eissn=1939-0122&rft_id=info:doi/10.1155/2017/6047053&rft_dat=%3Cproquest_cross%3E2455788645%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2455788645&rft_id=info:pmid/&rfr_iscdi=true