1. BOTNET DETECTION APPROACH BASED ON THE DISTRIBUTED SYSTEMS
- Author
Anatoliy Sachenko, Sergii Lysenko, George Markowsky, Nadiia Vasylkiv, and Oleg Savenko
- Subjects
Network security, business.industry, Computer science, Computer Networks and Communications, Distributed computing, Local area network, Botnet, computer.software_genre, Naive Bayes classifier, Bayes' theorem, Hardware and Architecture, Command and control, Computer Science (miscellaneous), Malware, business, computer, Classifier (UML), Software, Information Systems
- Abstract
The paper presents a botnet detection approach for distributed systems. It is based on the developed three-level model, which includes the botnet’s components: command and control center, control centers, and basic elements of the botnet (bots). The novel framework provides the ability to detect known and unknown botnets, and consists of the host and the network levels. At the host level, the detection procedure is based on the implementation of the Bayes classification. The network level extends the results obtained at the host level to the rest of the local area network. The proposed approach provides the exchange of the results obtained by the Bayes classification for further use by other program units of the distributed system. The results of the developed classifier show that the representation of the botnets’ samples for different classes and subclasses is sufficient for efficient botnet detection. The proposed technique demonstrates promising results concerning botnet detection in distributed systems.
- Published
- 2020