Detecting Botnets Through Log Correlation

Jan-15-2010–arXiv.org Artificial Intelligence

Botnets, which consist of thousands of compromised machines, can cause significant threats to other systems by launching Distributed Denial of Service (SSoS) attacks, keylogging, and backdoors. In response to these threats, new effective techniques are needed to detect the presence of botnets. In this paper, we have used an interception technique to monitor Windows Application Programming Interface (API) functions calls made by communication applications and store these calls with their arguments in log files. Our algorithm detects botnets based on monitoring abnormal activity by correlating the changes in log file sizes from different hosts.

artificial intelligence, log file size, machine learning, (13 more...)

arXiv.org Artificial Intelligence

Jan-15-2010

arXiv.org PDF

Add feedback

Country:
- Europe
  - France (0.14)
  - United Kingdom (0.15)
- North America > United States (0.14)

Industry:
- Information Technology > Security & Privacy (1.00)

Technology:
- Information Technology
  - Artificial Intelligence > Machine Learning
    - Performance Analysis > Accuracy (0.99)
  - Security & Privacy (1.00)

Duplicate Docs Excel Report

Title
None found

Similar Docs Excel Report more

Title	Similarity	Source
None found