IRC botnets' homology identifying method based on improved LB_PAA distance of communication characteristic curves

被引:0
|
作者
Jia, Yan [1 ]
Li, Runheng [1 ]
Gan, Liang [1 ]
Chen, Guangqiang [1 ]
机构
[1] Natl Univ Def Technol, Sch Comp, Changsha 410073, Hunan, Peoples R China
来源
2010 THIRD INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY AND SECURITY INFORMATICS (IITSI 2010) | 2010年
基金
国家高技术研究发展计划(863计划);
关键词
botnet; communication; dynamic time warping distance; LB_PAA; homologous;
D O I
10.1109/IITSI.2010.69
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
IRC botnet can be regarded as a collection of compromised computers (called Zombie computers) running software under the command-and-control infrastructure constructed by the IRC server. The connection between the botnet server and the bots are usually very dynamic. In order to describe a botnet at a finer granularity, the paper proposed a method that identify homologous botnets by extracting communication characteristic curves and compute the dynamic time warping distance between the curves, and used improved LB_PAA distance to reduce computational complexity. Experiments were carried out for validation purposes, the error rates were evaluated and shown.
引用
收藏
页码:360 / 365
页数:6
相关论文
共 5 条
  • [1] IRC botnets' homology identifying method based on dynamic time warping distance of communication feature curves
    Jin, Xin
    Li, Runheng
    Gan, Liang
    Li, Zhengyi
    Jisuanji Yanjiu yu Fazhan/Computer Research and Development, 2012, 49 (03): : 481 - 490
  • [2] Botnet homology method based on symbolic approximation algorithm of communication characteristic curve
    Nan, Zhihong
    Zhai, Lichao
    Zhai, Lidong
    Liu, Huiming
    2018 15TH IEEE INTERNATIONAL CONFERENCE ON ADVANCED VIDEO AND SIGNAL BASED SURVEILLANCE (AVSS), 2018, : 562 - 567
  • [3] A method for identifying coalbed methane co-production interference based on production characteristic curves: A case study of the Zhijin block, western Guizhou, China
    GUO Chen
    QIN Yong
    YI Tongsheng
    CHEN Zhenlong
    YUAN Hang
    GAO Junzhe
    GOU Jiang
    Petroleum Exploration and Development, 2022, (05) : 1126 - 1137
  • [4] A method for identifying coalbed methane co-production interference based on production characteristic curves: A case study of the Zhijin block, western Guizhou, China
    Guo C.
    Qin Y.
    Yi T.
    Chen Z.
    Yuan H.
    Gao J.
    Gou J.
    Shiyou Kantan Yu Kaifa/Petroleum Exploration and Development, 2022, 49 (05): : 977 - 986
  • [5] A method for identifying coalbed methane co-production interference based on production characteristic curves: A case study of the Zhijin block, western Guizhou, China
    Guo, Chen
    Qin, Yong
    Yi, Tongsheng
    Chen, Zhenlong
    Yuan, Hang
    Gao, Junzhe
    Gou, Jiang
    PETROLEUM EXPLORATION AND DEVELOPMENT, 2022, 49 (05) : 1126 - 1137
1