CoCoSpot: Clustering and recognizing botnet command and control channels using traffic analysis

Cited by: 39
Authors
Dietrich, Christian J. [1, 3]
Rossow, Christian [1, 2]
Pohlmann, Norbert [1]
Affiliations
[1] Univ Appl Sci Gelsenkirchen, Inst Internet Secur, D-45877 Gelsenkirchen, Germany
[2] Vrije Univ Amsterdam, Network Inst, Amsterdam, Netherlands
[3] Univ Erlangen Nurnberg, Dept Comp Sci, D-91054 Erlangen, Germany
Keywords
Botnet C&C; Botnet detection; Traffic analysis; Network security
DOI
10.1016/j.comnet.2012.06.019
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
We present CoCoSpot, a novel approach to recognize botnet command and control channels solely based on traffic analysis features, namely carrier protocol distinction, message length sequences and encoding differences. Thus, CoCoSpot can deal with obfuscated and encrypted C&C protocols and complements current methods to fingerprint and recognize botnet C&C channels. Using average-linkage hierarchical clustering of labeled C&C flows, we show that for more than 20 recent botnets and over 87,000 C&C flows, CoCoSpot can recognize more than 88% of the C&C flows at a false positive rate below 0.1%. (c) 2012 Elsevier B.V. All rights reserved.
Pages: 475-486
Page count: 12