Detection of P2P botnet based on network behavior features and Dezert-Smarandache theory

doi:10.3969/j.issn.1003-7985.2018.02.008

CIOMP OpenIR

	Detection of P2P botnet based on network behavior features and Dezert-Smarandache theory
	Song, Yuanzhang; Chen, Yuan; Wang, Junjie; Wang, Anbang; Li, Hongyu
	2018
发表期刊	Journal of Southeast University (English Edition)
ISSN	10037985
卷号	34 期号:2 页码:191-198
摘要	In order to improve the accuracy of detecting the new P2P(peer-to-peer) botnet, a novel P2P botnet detection method based on the network behavior features and Dezert-Smarandache theory is proposed. It focuses on the network behavior features, which are the essential abnormal features of the P2P botnet and do not change with the network topology, the network protocol or the network attack type launched by the P2P botnet. First, the network behavior features are accurately described by the local singularity and the information entropy theory. Then, two detection results are acquired by using the Kalman filter to detect the anomalies of the above two features. Finally, the above two detection results are fused with the Dezert-Smarandache theory to obtain the final detection results. The experimental results demonstrate that the proposed method can effectively detect the new P2P botnet and that it considerably outperforms other methods at a lower degree of false negative rate and false positive rate, and the false negative rate and the false positive rate can reach 0.09 and 0.12, respectively. 2018, Editorial Department of Journal of Southeast University. All right reserved.
关键词	Peer to peer networks Botnet Entropy Feature extraction Kalman filters Network protocols
DOI	10.3969/j.issn.1003-7985.2018.02.008
收录类别	EI
引用统计
文献类型	期刊论文
条目标识符	http://ir.ciomp.ac.cn/handle/181722/60629
专题	中国科学院长春光学精密机械与物理研究所
推荐引用方式 GB/T 7714	Song, Yuanzhang,Chen, Yuan,Wang, Junjie,et al. Detection of P2P botnet based on network behavior features and Dezert-Smarandache theory[J]. Journal of Southeast University (English Edition),2018,34(2):191-198.
APA	Song, Yuanzhang,Chen, Yuan,Wang, Junjie,Wang, Anbang,&Li, Hongyu.(2018).Detection of P2P botnet based on network behavior features and Dezert-Smarandache theory.Journal of Southeast University (English Edition),34(2),191-198.
MLA	Song, Yuanzhang,et al."Detection of P2P botnet based on network behavior features and Dezert-Smarandache theory".Journal of Southeast University (English Edition) 34.2(2018):191-198.

条目包含的文件		下载所有文件
文件名称/大小	文献类型	版本类型	开放类型	使用许可
Detection of P2P bot（1219KB）	期刊论文	出版稿	开放获取	CC BY-NC-SA	浏览下载