Publication result detail

Botnet C&C Traffic and Flow Lifespans Using Survival Analysis

OUJEZSKÝ, V.; HORVÁTH, T.; ŠKORPIL, V.

Original Title

Botnet C&C Traffic and Flow Lifespans Using Survival Analysis


Type

Peer-reviewed article not indexed in WoS or Scopus

Original Abstract

This paper addresses the issue of detecting unwanted traffic in data networks, namely the detection of botnet networks. In this paper, we focus on time-behavioral analysis, more specifically on the lifespans of simulated botnet network traffic, collected and discovered from NetFlow messages, and also of real botnet communication of malware. As a method we chose survival analysis, and for rigorous testing of differences the Mantel–Cox test. The lifespans of this traffic are discovered and calculated with lifelines using the Python language. Based on our research, we found that it is possible to distinguish the individual lifespans of C&C communications that are identical to each other by using survival projection curves, even though they occurred in a different time course.


Keywords

Botnet, Lifespans, Modeling, NetFlow, Survival, Analysis


Authors

OUJEZSKÝ, V.; HORVÁTH, T.; ŠKORPIL, V.

RIV year

2018

Released

27.03.2017

Publisher

International Science and Engineering Society, o.s.

Location

Czech Republic

ISSN

1805-5443

Periodical

International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems

Volume

6

Number

1

State

Czech Republic

Pages from

38

Pages to

44

Pages count

7

URL

Full text in the Digital Library

BibTex

@article{BUT134474,
  author="Václav {Oujezský} and Tomáš {Horváth} and Vladislav {Škorpil}",
  title="Botnet C&C Traffic and Flow Lifespans Using Survival Analysis",
  journal="International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems",
  year="2017",
  volume="6",
  number="1",
  pages="38--44",
  doi="10.11601/ijates.v6i1.205",
  issn="1805-5443",
  url="http://ijates.org/index.php/ijates/article/view/205"
}