| Texto completo | |
| Autor(es): |
Schwengber, Bruno Henrique
;
Vergutz, Andressa
;
Prates, Nelson G., Jr.
;
Nogueira, Michele
;
IEEE
Número total de Autores: 5
|
| Tipo de documento: | Artigo Científico |
| Fonte: | 2020 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM); v. N/A, p. 6-pg., 2020-01-01. |
| Resumo | |
Botnets deeply threaten cybersecurity due to their distributed and dynamic nature, causing attacks with severe consequences for users and companies, such as Distributed Denial of Service. Detecting botnets is challenging once they constantly evolve, resulting in fast behavior changes in network. Current techniques usually detect botnets without considering these changes and their fast adaptation to new behavior. Hence, this paper presents CONFRONT, a method aware of concept drift (fast changes in network behavior) for online botnet detection. Different from the literature, this paper introduces a new technique to detect concept drift and optimize botnet classification. CONFRONT employs features from network flow on the unsupervised concept drift detector and a supervised incremental botnet classifier. Results show CONFRONT feasibility, reaching 95% of accuracy in less than 1 ms. (AU) | |
| Processo FAPESP: | 18/23098-0 - MENTORED: da modelagem à experimentação - predizendo e detectando ataques DDoS e zero-day |
| Beneficiário: | Michele Nogueira Lima |
| Modalidade de apoio: | Auxílio à Pesquisa - Temático |