Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review

Published

Standard

Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis. / Nagaraja, Shishir.
Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II. ed. / Mirosław Kutyłowski; Jaideep Vaidya. Springer, 2014. p. 439-456 (Lecture Notes in Computer Science; Vol. 8713).

Harvard

Nagaraja, S 2014, Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis. in M Kutyłowski & J Vaidya (eds), Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II. Lecture Notes in Computer Science, vol. 8713, Springer, pp. 439-456. https://doi.org/10.1007/978-3-319-11212-1_25

APA

Nagaraja, S. (2014). Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis. In M. Kutyłowski, & J. Vaidya (Eds.), Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II (pp. 439-456). (Lecture Notes in Computer Science; Vol. 8713). Springer. https://doi.org/10.1007/978-3-319-11212-1_25

Vancouver

Nagaraja S. Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis. In Kutyłowski M, Vaidya J, editors, Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II. Springer. 2014. p. 439-456. (Lecture Notes in Computer Science). doi: 10.1007/978-3-319-11212-1_25

Author

Nagaraja, Shishir. / Botyacc : unified P2P botnet detection using behavioural analysis and graph analysis. Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. Proceedings, Part II. editor / Mirosław Kutyłowski ; Jaideep Vaidya. Springer, 2014. pp. 439-456 (Lecture Notes in Computer Science).

Bibtex

@inproceedings{8572c505e4fa4a4ba4e18e6ffeba6012,
title = "Botyacc: unified P2P botnet detection using behavioural analysis and graph analysis",
abstract = "We propose a novel technique for detecting P2P botnets. Detection is based on two working principles. First, we exploit a {\bf fundamental property} of botnet design: peer-to-peer connectivity topologies are fundamental to botnet survivability. Second, we use traffic-flow pattern analysis to capture traffic similarity within a botnet. Our work unifies graph-theoretic detection with behavioural detection into a single technique. We carried out evaluation over live P2P botnet traffic and show that the resulting algorithm can localise the majority of bots with low false-positive rate.",
keywords = "Traffic analysis, botnet detection, behavioural analysis, graph theory",
author = "Shishir Nagaraja",
year = "2014",
doi = "10.1007/978-3-319-11212-1_25",
language = "English",
isbn = "9783319112114",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "439--456",
editor = "Miros{\l}aw Kuty{\l}owski and Jaideep Vaidya",
booktitle = "Computer Security - ESORICS 2014",

}

RIS

TY - GEN

T1 - Botyacc

T2 - unified P2P botnet detection using behavioural analysis and graph analysis

AU - Nagaraja, Shishir

PY - 2014

Y1 - 2014

N2 - We propose a novel technique for detecting P2P botnets. Detection is based on two working principles. First, we exploit a {\bf fundamental property} of botnet design: peer-to-peer connectivity topologies are fundamental to botnet survivability. Second, we use traffic-flow pattern analysis to capture traffic similarity within a botnet. Our work unifies graph-theoretic detection with behavioural detection into a single technique. We carried out evaluation over live P2P botnet traffic and show that the resulting algorithm can localise the majority of bots with low false-positive rate.

AB - We propose a novel technique for detecting P2P botnets. Detection is based on two working principles. First, we exploit a {\bf fundamental property} of botnet design: peer-to-peer connectivity topologies are fundamental to botnet survivability. Second, we use traffic-flow pattern analysis to capture traffic similarity within a botnet. Our work unifies graph-theoretic detection with behavioural detection into a single technique. We carried out evaluation over live P2P botnet traffic and show that the resulting algorithm can localise the majority of bots with low false-positive rate.

KW - Traffic analysis

KW - botnet detection

KW - behavioural analysis

KW - graph theory

U2 - 10.1007/978-3-319-11212-1_25

DO - 10.1007/978-3-319-11212-1_25

M3 - Conference contribution/Paper

SN - 9783319112114

T3 - Lecture Notes in Computer Science

SP - 439

EP - 456

BT - Computer Security - ESORICS 2014

A2 - Kutyłowski, Mirosław

A2 - Vaidya, Jaideep

PB - Springer

ER -