Detecting Bot Networks Based On HTTP And TLS Traffic Analysis
Subject Areas: Network Security
1 - Science and Research Branch, Islamic Azad University, Tehran, Iran.
Keywords:
Abstract: