Engineering and Technology Journal (Jun 2014)

Detection of P2P Botnets Based on Support Vector Machine: Case Study

  • Nemir Ahmed Al-Azzawi,
  • Shatha Mizhir Hasan

DOI
https://doi.org/10.30684/etj.32.5A.12
Journal volume & issue
Vol. 32, no. 5
pp. 1227 – 1239

Abstract

A botnet is a general term for a group of automated software robots (malware code) that run without human intervention. Nowadays, botnets pose a major threat to the cyber security (Information Assurance) of computing assets. Therefore, the large amounts of confidential and personal information accessed through web interfaces, such as online passwords, corporate secrets, online banking accounts, and social networking accounts like Facebook, need to be protected. Network traffic analysis is an important component in the management and security of current networks and in the design and planning of future networks. This study enables the researcher: (a) to study botnet topologies, behavior, and lifecycle events and actions; (b) to combine normal web traffic and normal P2P traffic for binary classification; (c) to produce simulated network flow data comparable to the activities of a botnet controller or "bots," and hosts under attack (testing samples); and (d) to detect and identify a P2P botnet framework using a Support Vector Machine (SVM) based on statistical features.

Keywords