Title: The Forward-Backward String: a New Robust Feature for Botnet Detection
Authors: Su, Yuan-Hsiang
Rezapour, Amir
Tzeng, Wen-Guey
資訊工程學系
Department of Computer Science
Issue Date: 1-Jan-2017
Abstract: We introduce the forward-backward string as a new feature which is robust against variation over payload length, the inter-arrival time of packets, and the number of packets within a flow. It represents an abstract activity of a host within a flow. The forward-backward string is packet-oriented and does not rely on payload size, the content of header and the interarrival time of packets. We use real-world botnet data to evaluate the performance of our new feature with some existing works. The experimental results show that the forward-backward string boosts the accuracy of existing works up to 5%. We further examine the robustness of the new feature against packet and flow level noise. The forward-backward string not only increases the accuracy but also enhances the robustness of the prior works.
URI: http://hdl.handle.net/11536/150832
Journal: 2017 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING
Begin Page: 485
End Page: 492
Appears in Collections:Conferences Paper