Botnet Dataset Overview Using Statistical Approach Based on Time Gap Activity Analysis

Muhammad Aidiel Rachman Putra*, Tohari Ahmad, Dandy Pramana Hostiadi

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

1 Citation (Scopus)

Abstract

Botnet malware activity is malicious and needs to be detected accurately. Several botnet detection models have been introduced using mining-based methods. A distribution analysis approach is often used to obtain the characteristics of the data before it is modeled in a mining-based detection model. However, the distribution approach could be more optimal in describing the timing of botnet attacks. Analysis of botnet attack timing is needed to determine the right model for botnet activity detection. This paper proposes a new overview technique for botnet datasets using a statistical approach based on time gap analysis for each bot. The goal is to obtain a threshold value that can optimally separate botnet activity traffic from normal traffic. The experimental result is three different time gap threshold values to separate botnet, normal, and background activity, ideally based on the highest time of 4,756 s, the lowest time of 28.69 s, and the average maximum time gap of 810.61 s.

Original language: English
Title of host publication: ISDFS 2023 - 11th International Symposium on Digital Forensics and Security
Editors: Asaf Varol, Murat Karabatak, Cihan Varol, Ahad Nasab
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9798350336986
Publication status: Published - 2023
Event: 11th International Symposium on Digital Forensics and Security, ISDFS 2023 - TN, United States
Duration: 11 May 2023 to 12 May 2023

Publication series

Name: ISDFS 2023 - 11th International Symposium on Digital Forensics and Security

Conference

Conference: 11th International Symposium on Digital Forensics and Security, ISDFS 2023
Country/Territory: United States
City: TN
Period: 11/05/23 to 12/05/23

Keywords

  • botnet
  • intrusion detection system
  • network infrastructure
  • network security
  • time analysis
