Discovery of Invariant Bot Behavior through Visual Network Monitoring System

4 Author(s)

Botnets are emerging as the most significant threat facing online ecosystems and computing assets due to their enormous volume and sheer power. Combating this emerging threat is a major challenge for the cyber-security research community. Most useful approaches to botnet traffic detection are based on passive network traffic monitoring and analysis. Nevertheless, typical network traffic generates a huge amount of data for analysis. In addition, the poor user interfaces of existing tools lead to insufficient utilization of the captured data and do not make use of human intellectual capability. The proposed visual network monitoring system tackles these issues by adopting proper visualization techniques. The proposed visualization techniques enhance the visibility of network traffic related to invariant bot behaviors, and provide notification of bot existence without distracting the user with huge volumes of data. The visual illustration of typical bot behavior improves the botnet traffic detection process by engaging human perception capabilities. This approach provides security personnel with a visual security tool to mitigate botnet threats by discovering invariant botnet behaviors during the benign state of a botnet in small- to medium-sized networks. Moreover, the user-friendly interface of this system is interactive, flexible, and easy to use.

Published in: Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on

Date of Conference: 18-25 July 2010