A New Approach to Detecting Bot Attack Activity Scenario

Dandy Pramana Hostiadi, Tohari Ahmad*, Waskitho Wibisono

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Citations (Scopus)

Abstract

Botnets are a dangerous threat to computer networks. A botnet consists of a bot-master and bot-client connected and communicated through command and control (C&C) servers. When the bot attacks and infects the target computer, it performs several activities. Nevertheless, the introduced model may not detect the connection between one activity and others as a whole botnet attack scenario. The connection between activities is required to get the attack step carried out by each bot. This paper proposes a new approach to detect linkages between bot activities by analyzing the network traffic flows and obtaining a bot attack scenario. The analysis is carried out by finding the frequency of each activity that is sequentially connected. The results show that the proposed model successfully detects interrelated bot activity scenarios based on its pattern.

Original languageEnglish
Title of host publicationProceedings of the 12th International Conference on Soft Computing and Pattern Recognition, SoCPaR 2020
EditorsAjith Abraham, Yukio Ohsawa, Niketa Gandhi, M. A. Jabbar, Abdelkrim Haqiq, Seán McLoone, Biju Issac
PublisherSpringer Science and Business Media Deutschland GmbH
Pages823-835
Number of pages13
ISBN (Print)9783030736880
DOIs
Publication statusPublished - 2021
Event12th International Conference on Soft Computing and Pattern Recognition, SoCPaR 2020 and 16th International Conference on Information Assurance and Security, IAS 2020 - Virtual, Online
Duration: 15 Dec 202018 Dec 2020

Publication series

NameAdvances in Intelligent Systems and Computing
Volume1383 AISC
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365

Conference

Conference12th International Conference on Soft Computing and Pattern Recognition, SoCPaR 2020 and 16th International Conference on Information Assurance and Security, IAS 2020
CityVirtual, Online
Period15/12/2018/12/20

Keywords

  • Bot activity
  • Bot network
  • Intrusion detection system
  • Network security

Fingerprint

Dive into the research topics of 'A New Approach to Detecting Bot Attack Activity Scenario'. Together they form a unique fingerprint.

Cite this