Abstract
Particle Swarm Optimization algorithms are inherently distributed: the solution to a problem emerges from the interactions between many simple individual agents called particles. This article proposes the use of Particle Swarm Optimization as a new tool for botnet traffic discriminatory analysis. Through this novel approach, we classify the C&C session, which is the unique characteristic of bots, apart from the complicated background traffic data so as to identify the compromised computers. Experimental results show that the proposed approach achieves high accuracy in identifying the C&C session.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Y., Huang, S., Wang, Y., Zhang, M. (2010). Botnet Traffic Discriminatory Analysis Using Particle Swarm Optimization. In: Tan, Y., Shi, Y., Tan, K.C. (eds) Advances in Swarm Intelligence. ICSI 2010. Lecture Notes in Computer Science, vol 6146. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13498-2_65
DOI: https://doi.org/10.1007/978-3-642-13498-2_65
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13497-5
Online ISBN: 978-3-642-13498-2
eBook Packages: Computer Science (R0)