Peer to peer botnet detection based on flow intervals and fast flux network capture
| dc.contributor.author | Zhao, David | |
| dc.contributor.supervisor | Traore, Issa | |
| dc.date.accessioned | 2012-10-16T21:34:11Z | |
| dc.date.available | 2012-10-16T21:34:11Z | |
| dc.date.copyright | 2012 | en_US |
| dc.date.issued | 2012-10-16 | |
| dc.degree.department | Department of Electrical and Computer Engineering | |
| dc.degree.level | Master of Applied Science M.A.Sc. | en_US |
| dc.description.abstract | Botnets are becoming the predominant threat on the Internet today and is the primary vector for carrying out attacks against organizations and individuals. Botnets have been used in a variety of cybercrime, from click-fraud to DDOS attacks to the generation of spam. In this thesis we propose an approach to detect botnet activity using two different strategies both based on machine learning techniques. In one, we examine the network flow based metrics of potential botnet traffic and show that we are able to detect botnets with only data from a small time interval of operation. For our second technique, we use a similar strategy to identify botnets based on their potential fast flux behavior. For both techniques, we show experimentally that the presence of botnets may be detected with a high accuracy and identify their potential limitations. | en_US |
| dc.description.scholarlevel | Graduate | en_US |
| dc.identifier.uri | http://hdl.handle.net/1828/4301 | |
| dc.language | English | eng |
| dc.language.iso | en | en_US |
| dc.rights.temp | Available to the World Wide Web | en_US |
| dc.subject | Botnet | en_US |
| dc.subject | Network Intrusion Detection | en_US |
| dc.subject | Traffic Behavior Analysis | en_US |
| dc.subject | Network Flows | en_US |
| dc.title | Peer to peer botnet detection based on flow intervals and fast flux network capture | en_US |
| dc.type | Thesis | en_US |