SCOPUS 정보 검색 플랫폼

Proceedings of the 6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011

Volumn , Issue , 2011, Pages 124-134

Boosting the scalability of botnet detection using adaptive traffic sampling

(6) Zhang, Junjie a Luo, Xiapu c Perdisci, Roberto b Gu, Guofei d Lee, Wenke a Feamster, Nick a

a GEORGIA INSTITUTE OF TECHNOLOGY (United States)

b UNIVERSITY OF GEORGIA (United States)

c HONG KONG POLYTECHNIC UNIVERSITY (Hong Kong)

d TEXAS A AND M UNIVERSITY (United States)

Author keywords

Adaptive sampling; Botnet; Intrusion detection; Network security

Indexed keywords

BOTNET; HEALTH RISKS; HIGH SPEED NETWORKS; NETWORK SECURITY; SCALABILITY;

'CURRENT; ADAPTIVE SAMPLING; BOTNET DETECTIONS; BOTNETS; DEEP PACKET INSPECTION; DETECTION SYSTEM; INTRUSION-DETECTION; NETWORK-BASED; NETWORKS SECURITY; TRAFFIC SAMPLING;

INTRUSION DETECTION;

EID: 79956014847 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: 10.1145/1966913.1966930 Document Type: Conference Paper

Times cited : (30)

References (24)

1
- 33845633068
- Sketch guided sampling - Using on-line estimates of ow size for adaptive data collection
- A. Kumar and J. Xu. Sketch guided sampling - using on-line estimates of ow size for adaptive data collection. In Proc. IEEE Infocom, 2006.
- (2006) Proc. IEEE Infocom
- Kumar, A.¹ Xu, J.²

2
- 63049111118
- Fast monitoring of traffic subpopulations
- A. Ramachandran, S. Seetharaman, and N. Feamster. Fast monitoring of traffic subpopulations. In Proc. ACM IMC, 2008.
- (2008) Proc. ACM IMC
- Ramachandran, A.¹ Seetharaman, S.² Feamster, N.³

3
- 4444311813
- Divide and concatenate: An architectural level optimization technique for universal hash functions
- R. K. B. Yang and D.A.McGrew. Divide and concatenate: An architectural level optimization technique for universal hash functions. In Proc. of the Design Automation Conference, 2004.
- (2004) Proc. of the Design Automation Conference
- Yang, R.K.B.¹ McGrew, D.A.²

4
- 85080378133
- An algorithm for anomaly-based botnet detection
- J. R. Binkley and S. Singh. An algorithm for anomaly-based botnet detection. In Proc. USENIX SRUTI, 2006.
- (2006) Proc. USENIX SRUTI
- Binkley, J.R.¹ Singh, S.²

5
- 85175133385
- Botsniffer: Detecting botnet command and control channels in network traffic
- G. Gu, J. Zhang, and W. Lee. Botsniffer: Detecting botnet command and control channels in network traffic. In Proc. NDSS, 2008.
- (2008) Proc. NDSS
- Gu, G.¹ Zhang, J.² Lee, W.³

6
- 85061529860
- Bothunter: Detecting malware infection through IDS-driven dialog correlation
- G. Gu, P. Porras, V. Yegneswaran, M. Fong, W. and Lee. Bothunter: Detecting malware infection through IDS-driven dialog correlation. In Proc. USENIX Security, 2007.
- (2007) Proc. USENIX Security
- Gu, G.¹ Porras, P.² Yegneswaran, V.³ Fong, M.⁴ Lee, W.⁵

7
- 85075837457
- Botminer: Clustering analysis of network traffic for protocol- and structure-independent botnet detection
- G. Gu, R. Perdisci, J. Zhang, and W. Lee. Botminer: Clustering analysis of network traffic for protocol- and structure-independent botnet detection. In Proc. USENIX Security, 2008.
- (2008) Proc. USENIX Security
- Gu, G.¹ Perdisci, R.² Zhang, J.³ Lee, W.⁴

8
- 57849085977
- Rishi: Identify bot contaminated hosts by irc nickname evaluation
- J. Goebel and T. Holz. Rishi: identify bot contaminated hosts by irc nickname evaluation. In Proc. USENIX HotBots, 2007.
- (2007) Proc. USENIX HotBots
- Goebel, J.¹ Holz, T.²

9
- 51349163638
- Accurate and efficient traffic monitoring using adaptive non-linear sampling method
- C. Hu, S. Wang, J. Tian, B. Liu, Y. Cheng, and Y. Chen. Accurate and efficient traffic monitoring using adaptive non-linear sampling method. In Proc. IEEE Infocom, 2008.
- (2008) Proc. IEEE Infocom
- Hu, C.¹ Wang, S.² Tian, J.³ Liu, B.⁴ Cheng, Y.⁵ Chen, Y.⁶

10
- 85175130333
- Infosecurity. Storm deadnet reanimates as waledac botnet. http://infosecurity.us/?p=6262 2009.
- (2009) Storm Deadnet Reanimates as Waledac Botnet

11
- 77952351261
- Towards complete node enumeration in a peer-to-peer botnet
- B. Kang, E. C. Tin, and C. P. Lee. Towards complete node enumeration in a peer-to-peer botnet. In Proc. ACM AISACCS, 2009.
- (2009) Proc. ACM AISACCS
- Kang, B.¹ Tin, E.C.² Lee, C.P.³

12
- 49949112226
- Wide-scale botnet detection and characterization
- A. Karasaridis, B. Rexroad, and D. Hoein. Wide-scale botnet detection and characterization. In Proc. USENIX HotBots, 2007.
- (2007) Proc. USENIX HotBots
- Karasaridis, A.¹ Rexroad, B.² Hoein, D.³

13
- 78651469705
- PhD thesis, Georgia Institute of Technology, Atlanta, GA, Nov
- C. P. Lee. FRAMEWORK FOR BOTNET EMULATION AND ANALYSIS. PhD thesis, Georgia Institute of Technology, Atlanta, GA, Nov. 2008.
- (2008) Framework for botnet emulation and analysis
- Lee, C.P.¹

14
- 85175134080
- Using machine learning techniques to identify botnet traffic
- C. Livadas, R. Walsh, D. Lapsley, and W. T. Strayer. Using machine learning techniques to identify botnet traffic. In Proc. IEEE WoNS, 2006.
- (2006) Proc. IEEE WoNS
- Livadas, C.¹ Walsh, R.² Lapsley, D.³ Strayer, W.T.⁴

15
- 77952717608
- Revealing botnet membership using DNSBL counter-intelligence
- A. Ramachandran, N. Feamster, and D. Dagon. Revealing botnet membership using DNSBL counter-intelligence. In Proc. USENIX SRUTI, 2006.
- (2006) Proc. USENIX SRUTI
- Ramachandran, A.¹ Feamster, N.² Dagon, D.³

16
- 77950794331
- Fire: Finding rogue networks
- B. Stone-Gross, A. Moser, C. Kruegel, E. Kirda, and K. Almeroth. Fire: Finding rogue networks. In Proc. ACSAC, 2009.
- (2009) Proc. ACSAC
- Stone-Gross, B.¹ Moser, A.² Kruegel, C.³ Kirda, E.⁴ Almeroth, K.⁵

17
- 41949115980
- Detecting botnets with tight command and control
- W. T. Strayer, R. Walsh, C. Livadas, and D. Lapsley. Detecting botnets with tight command and control. In Proc. IEEE LCN, 2006.
- (2006) Proc. IEEE LCN
- Strayer, W.T.¹ Walsh, R.² Livadas, C.³ Lapsley, D.⁴

18
- 77955861102
- Are your hosts trading or plotting? telling p2p file-sharing and bots apart
- T.-F. Yen and M. K. Reiter. Are your hosts trading or plotting? telling p2p file-sharing and bots apart. In ICDCS, 2010.
- (2010) ICDCS
- Yen, T.-F.¹ Reiter, M.K.²

19
- 85175132382
- Inter-as traffic patterns and their implications
- L. P. Wenjia Fang. Inter-as traffic patterns and their implications. In IEEE Global Internet Symposium, 1999.
- (1999) IEEE Global Internet Symposium
- Wenjia Fang, L.P.¹

20
- 84908346958
- Rb-seeker: Auto-detection of redirection botnets
- X. Hu, M. Knysz and K. Shin. Rb-seeker: Auto-detection of redirection botnets. In Proc. NDSS, 2009.
- (2009) Proc. NDSS
- Hu, X.¹ Knysz, M.² Shin, K.³

21
- 14944356227
- Online identification of hierarchical heavy hitters: Algorithms, evaluation, and applications
- Y. Zhang, S. Singh, S. Sen, N. Duffield and C. Lund. Online identification of hierarchical heavy hitters: Algorithms, evaluation, and applications. In Proc. ACM IMC, 2004.
- (2004) Proc. ACM IMC
- Zhang, Y.¹ Singh, S.² Sen, S.³ Duffield, N.⁴ Lund, C.⁵

22
- 79954733367
- Botgraph: Large scale spamming botnet detection
- Y. Zhao and Y. Xie and F. Yu and Q. Ke and Y. Yu. Botgraph: Large scale spamming botnet detection. In Proc. USENIX NSDI, 2009.
- (2009) Proc. USENIX NSDI
- Zhao, Y.¹ Xie, Y.² Yu, F.³ Ke, Q.⁴ Yu, Y.⁵

23
- 58449108281
- Traffic aggregation for malware detection
- T.-F. Yen and M. K. Reiter. Traffic aggregation for malware detection. In Proc. DIMVA, 2008.
- (2008) Proc. DIMVA
- Yen, T.-F.¹ Reiter, M.K.²

24
- 0030157145
- Birch: An efficient data clustering method for very large databases
- ACM Press
- T. Zhang, R. Ramakrishnan, and M. Livny. Birch: An efficient data clustering method for very large databases. In Proc. ACM SIGMOD. ACM Press, 1996.
- (1996) Proc. ACM SIGMOD
- Zhang, T.¹ Ramakrishnan, R.² Livny, M.³

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.