A Hybrid Learning System to Mitigate Botnet Concept Drift Attacks
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Wang, Zhi | - |
dc.contributor.author | Tian, Meiqi | - |
dc.contributor.author | Zhang, Xiao | - |
dc.contributor.author | Wang, Junnan | - |
dc.contributor.author | Liu, Zheli | - |
dc.contributor.author | Jia, Chunfu | - |
dc.contributor.author | You, Ilsun | - |
dc.date.accessioned | 2021-08-11T16:24:17Z | - |
dc.date.available | 2021-08-11T16:24:17Z | - |
dc.date.issued | 2017 | - |
dc.identifier.issn | 1607-9264 | - |
dc.identifier.issn | 2079-4029 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/sch/handle/2021.sw.sch/8385 | - |
dc.description.abstract | Botnet is one of the most significant threats for Internet security. Machine learning has been widely deployed in botnet detection systems as a core component. The assumption of machine learning algorithm is that the underlying data distribution of botnet is stable for training and testing, however which is vulnerable to well-crafted concept drift attacks, such as mimicry attacks, gradient descent attacks, poisoning attacks and so on. So, machine learning itself could be the weakest link in a botnet detection system. This paper proposes a hybrid learning system that combines vertical and horizontal correlation models based on statistical p-values. The significant diversity between vertical and horizontal correlation models increases the difficulty of concept drift attacks. Moreover, average p-value assessment is applied to fortify the system to be more sensitive to hidden concept drift attacks. SIM and DIFF assessments are further introduced to locate the affected features when concept drift attacks are recognized, then active feature reweighting is used to mitigate model aging. The experiment results show that the hybrid system could recognize the concept drift among different Miuref variants, and reweight affected features to avoid model aging. | - |
dc.format.extent | 10 | - |
dc.language | 영어 | - |
dc.language.iso | ENG | - |
dc.publisher | National Dong Hwa University | - |
dc.title | A Hybrid Learning System to Mitigate Botnet Concept Drift Attacks | - |
dc.type | Article | - |
dc.publisher.location | 대만 | - |
dc.identifier.doi | 10.6138/JIT.2017.18.6.20171003 | - |
dc.identifier.scopusid | 2-s2.0-85038807605 | - |
dc.identifier.wosid | 000417693300019 | - |
dc.identifier.bibliographicCitation | Journal of Internet Technology, v.18, no.6, pp 1419 - 1428 | - |
dc.citation.title | Journal of Internet Technology | - |
dc.citation.volume | 18 | - |
dc.citation.number | 6 | - |
dc.citation.startPage | 1419 | - |
dc.citation.endPage | 1428 | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Malware detection | - |
dc.subject.keywordAuthor | Machine learning | - |
dc.subject.keywordAuthor | Concept drift | - |
dc.subject.keywordAuthor | Vertical correlation | - |
dc.subject.keywordAuthor | Horizontal correlation | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(31538) 22, Soonchunhyang-ro, Asan-si, Chungcheongnam-do, Republic of Korea+82-41-530-1114
COPYRIGHT 2021 by SOONCHUNHYANG UNIVERSITY ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.