Skip to main content
SpringerLink
Log in
Book cover

International Conference on Neural Information Processing

ICONIP 2012: Neural Information Processing pp 400–409Cite as

Botnet Detection Based on Non-negative Matrix Factorization and the MDL Principle

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 7667))

Abstract

We propose a method for botnet detection from darknet data by non-negative matrix factorization (NMF), which can decompose the vector valued time series data into several components. In addition, we propose a new method to estimate the number of components in the data, by the minimum description length (MDL) principle. Our method for botnet detection consists of change point detection and analysis based on variance of the decomposed data.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akiyama, M., Kawamoto, T., Shimamura, M., Yokoyama, T., Kadobayashi, Y., Yamaguchi, S.: A Proposal of Metrics for Botnet Detection Based on Its Cooperative Behavior. In: SAINT (2007)

    Google Scholar 

  2. Hamasaki, H., Kawakita, M., Takeuchi, J., Yoshioka, K., Inoue, D., Etoh, M., Nakao, K.: Proposal of Botnet Detection Based on Structure Learning and Its Application to Darknet Data. In: SCIS (2011)

    Google Scholar 

  3. Hotta, S., Miyahara, S.: An Initialization Method for Non-negative Matrix Factorization and Its Applications. Technical report, IEICE (2003)

    Google Scholar 

  4. Inoue, D., Yoshioka, K., Eto, M., Yamagata, M., Nishino, E., Takeuchi, J., Ohkouchi, K., Nakao, K.: An Incident Analysis System NICTER and Its Analysis Engines Based on Data Mining Techniques. In: Köppen, M., Kasabov, N., Coghill, G. (eds.) ICONIP 2008, Part I. LNCS, vol. 5506, pp. 579–586. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  5. Kitagawa, J., Kawakita, M., Takeuchi, J., Yoshioka, K., Inoue, D., Etoh, M., Nakao, K.: Extraction of Botnet Communication Based on Non-negative Matrix Factorization. In: SCIS (2010)

    Google Scholar 

  6. Lee, D.D., Seung, H.S.: Algorithms for Non-negative Matrix Factorization. Neural Inf. Process. Syst. 13, 556–562 (2001)

    Google Scholar 

  7. Nikolaus, R.: Learning the Parts of Objects Using Non-negative Matrix Factorization.Term Paper (2007)

    Google Scholar 

  8. Rissanen, J.: Modeling by Shortest Data Description. Automatica 14, 465–471 (1978)

    Article  MATH  Google Scholar 

  9. Rissanen, J.: Fisher Information and Stochastic Complexity. IEEE Transactions on Information Theory 42, 40–47 (1996)

    Article  MathSciNet  MATH  Google Scholar 

  10. Takeuchi, J., Yamanishi, K.: Unifying Framework for Detection Outliers and Change Points from Time Series. IEEE Transactions on Knowledge and Data Engineering 18, 676–681 (2006)

    Article  Google Scholar 

  11. Cyber Clean Center, https://www.ccc.go.jp

Download references

Author information

Authors and Affiliations

  1. Institute of Systems, Information Technologies and Nanotechnologies (ISIT), Japan

    Sayaka Yamauchi, Masanori Kawakita & Jun’ichi Takeuchi

  2. Graduate School of ISEE, Kyushu University, Japan

    Sayaka Yamauchi, Masanori Kawakita & Jun’ichi Takeuchi

Authors
  1. Sayaka Yamauchi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Masanori Kawakita
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jun’ichi Takeuchi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Texas A&M University at Qatar, Education City, P.O. Box 23874, Doha, Qatar

    Tingwen Huang

  2. Department of Control Science and Engineering, Huazhong University of Science and Technology, 1037 Luoyu Road, 430074, Wuhan, Hubei, China

    Zhigang Zeng

  3. College of Computer Science, Chongqing University, 174 Shazhengjie Street, 400044, Chongqing, China

    Chuandong Li

  4. Department of Electronic Engineering, City University of Hong Kong, 83 Tat Chee Avenue, Kowloon, Hong Kong, China

    Chi Sing Leung

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yamauchi, S., Kawakita, M., Takeuchi, J. (2012). Botnet Detection Based on Non-negative Matrix Factorization and the MDL Principle. In: Huang, T., Zeng, Z., Li, C., Leung, C.S. (eds) Neural Information Processing. ICONIP 2012. Lecture Notes in Computer Science, vol 7667. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34500-5_48

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-34500-5_48

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34499-2

  • Online ISBN: 978-3-642-34500-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation