Cluster Ensemble with Link-Based Approach for Botnet Detection
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Mai, L. | - |
dc.contributor.author | Noh, D.K. | - |
dc.date.available | 2018-05-09T01:52:27Z | - |
dc.date.created | 2018-04-17 | - |
dc.date.issued | 2018-07 | - |
dc.identifier.issn | 1064-7570 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/7371 | - |
dc.description.abstract | Botnet detection is one of the most imminent tasks for cyber security. Among popular botnet countermeasures, an intrusion detection system is the prominent mechanism. In the past, packet-based intrusion detection systems were popular. However, flow-based intrusion detection systems have been preferred in recent years due to their ability to adapt to modern high-speed networks. A collection of flows from an enterprise network usually contains both botnet traffic and normal traffic. To classify this traffic, supervised machine learning algorithms, i.e., classifications, have been applied and achieved a high accuracy. In an effort to improve the ability of intrusion detection systems against botnets, some studies have suggested partitioning flows into clusters before applying the classifications and this step could significantly reduce the complexity of a flow set. However, the instability of individual clustering algorithms is still a constraint for botnet detection. To overcome this bottleneck, we propose a novel method that combines individual partitions to become a strong learner through the use of a link-based algorithm. Our experiments show that our cluster ensemble model outperforms existing botnet detection mechanisms with a high reliability. We also determine the balance between accuracy and computer resources for botnet detection, and thereby propose a range for the maximum duration time of flows in botnet research. © 2017 Springer Science+Business Media, LLC | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | Springer New York LLC | - |
dc.relation.isPartOf | Journal of Network and Systems Management | - |
dc.subject | Artificial intelligence | - |
dc.subject | Classification (of information) | - |
dc.subject | Clustering algorithms | - |
dc.subject | Command and control systems | - |
dc.subject | Computer crime | - |
dc.subject | Data flow analysis | - |
dc.subject | High speed networks | - |
dc.subject | Intrusion detection | - |
dc.subject | Learning algorithms | - |
dc.subject | Learning systems | - |
dc.subject | Mercury (metal) | - |
dc.subject | Supervised learning | - |
dc.subject | Command and control | - |
dc.subject | Computer resources | - |
dc.subject | Cyber-crimes | - |
dc.subject | Enterprise networks | - |
dc.subject | Intrusion Detection Systems | - |
dc.subject | Link-based approach | - |
dc.subject | Network flows | - |
dc.subject | Supervised machine learning | - |
dc.subject | Botnet | - |
dc.title | Cluster Ensemble with Link-Based Approach for Botnet Detection | - |
dc.type | Article | - |
dc.identifier.doi | 10.1007/s10922-017-9436-x | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | Journal of Network and Systems Management, v.26, no.3, pp.1 - 24 | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000433115500004 | - |
dc.identifier.scopusid | 2-s2.0-85030837957 | - |
dc.citation.endPage | 24 | - |
dc.citation.number | 3 | - |
dc.citation.startPage | 1 | - |
dc.citation.title | Journal of Network and Systems Management | - |
dc.citation.volume | 26 | - |
dc.contributor.affiliatedAuthor | Noh, D.K. | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | Cyber crime | - |
dc.subject.keywordAuthor | Intrusion detection system | - |
dc.subject.keywordAuthor | Network flow | - |
dc.subject.keywordAuthor | Machine learning | - |
dc.subject.keywordAuthor | Classification | - |
dc.subject.keywordAuthor | Command and control | - |
dc.subject.keywordPlus | INTRUSION DETECTION | - |
dc.subject.keywordPlus | K-MEANS | - |
dc.subject.keywordPlus | CLASSIFICATION | - |
dc.description.journalRegisteredClass | scie | - |