A Framework for P2P Botnet Detection Using SVM

3 Author(s)
Barthakur, P. ; Dept. of Comput. Sci. & Eng., Sikkim Manipal Inst. of Technol., Majitar, India ; Dahal, M. ; Ghose, M.K.

Botnets are the most serious network security threat bothering cyber security researchers around the globe. In this paper, we propose a proactive botnet detection framework using Support Vector Machine (SVM) to identify P2P botnets based on payload-independent statistical features. Our investigation is based on the assumption that there exists a significant difference between the flow feature values of P2P botnet traffic and those of normal web traffic. However, we don't see a significant difference between the flow feature values of normal web traffic and those of normal P2P traffic. Therefore, we combined normal web traffic and normal P2P traffic for the purpose of binary classification. Furthermore, we tried to evaluate the optimum SVM model that provides the best classification of P2P botnet data. Our optimized method yields approximately 99.01% accuracy for unbiased training and testing samples, with a False Positive rate of 0.11 and 0.003 for bot and normal data flows, respectively.

Published in:

Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2012 International Conference on

Date of Conference:

10-12 Oct. 2012