TY - GEN
T1 - Prototyping Distributed Botnet Detection System in Computer Networks
AU - Rachman Putra, Muhammad Aidiel
AU - Ahmad, Tohari
AU - Ijtihadie, Royyana Muslim
AU - Hostiadi, Dandy Pramana
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Being dangerous threats and attacks in this cyber era, botnets require proper handling. Nevertheless, some bot detection models that have been proposed are centralized and can only detect at one point of attack, even though there are two known types of botnet activity: single and bot group. In fact, attacks from grouped bots can have a series of attacks with the same pattern at several different attack targets. So, it requires a distributed detection model that can detect bot attacks on some detection sensors and assemble them in the form of correlation analysis. This paper proposes a prototype distributed botnet detection model that can synchronize detection in each detection sensor and analyze a series of bot attack activities. It aims to obtain information on the series of attacks that occur at several attack points and state them as a correlated botnet attack scenario. With the existence of a distributed botnet activity detection prototype, it will be able to facilitate the analysis and anticipation process from the system and network security administrators.
AB - Being dangerous threats and attacks in this cyber era, botnets require proper handling. Nevertheless, some bot detection models that have been proposed are centralized and can only detect at one point of attack, even though there are two known types of botnet activity: single and bot group. In fact, attacks from grouped bots can have a series of attacks with the same pattern at several different attack targets. So, it requires a distributed detection model that can detect bot attacks on some detection sensors and assemble them in the form of correlation analysis. This paper proposes a prototype distributed botnet detection model that can synchronize detection in each detection sensor and analyze a series of bot attack activities. It aims to obtain information on the series of attacks that occur at several attack points and state them as a correlated botnet attack scenario. With the existence of a distributed botnet activity detection prototype, it will be able to facilitate the analysis and anticipation process from the system and network security administrators.
KW - Intrusion Detection System
KW - bot detection correlation
KW - distributed detection
KW - network infrastructure
KW - network security
UR - http://www.scopus.com/inward/record.url?scp=85129413970&partnerID=8YFLogxK
U2 - 10.1109/ICCI54321.2022.9756127
DO - 10.1109/ICCI54321.2022.9756127
M3 - Conference contribution
AN - SCOPUS:85129413970
T3 - 5th International Conference on Computing and Informatics, ICCI 2022
SP - 292
EP - 297
BT - 5th International Conference on Computing and Informatics, ICCI 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th International Conference on Computing and Informatics, ICCI 2022
Y2 - 9 March 2022 through 10 March 2022
ER -