Abstract

The concept of using node-based sampling for the treatment of packet capture mechanism based on Libpcap of network-based detecting Peer-to-Peer botnet process was tested, and its effect on the time window of feature extracting and sampling time interval was explored. Node-based sampling treatment resulted in significant increase in the detection performance due to node profile of the novel behaviors to the detected computer in Peer-to-Peer bot detection, and the degradation of false positive. At relatively right time window (e.g., about 180s), precision was completely maximized, while the false positive decreased by 10% to 15%. The detection rate can be significantly increased due to the false positive degradation. A new performance index called Comprehensive Evaluation Index is proposed for more clearly represent the effectiveness. Sampling can reduce morn than 60% input raw packet traces and achieve a high detection rate (about 99%) and a low false positive rates (0-2%). DOI: http://dx.doi.org/10.11591/telkomnika.v10i5.1272

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Decision letter: Human B cell lineages associated with germinal centers following influenza vaccination are measurably evolving
Armita Nourmohammad ... Aleksandra M Walczak
-
Armita Nourmohammad, et. al.Armita Nourmohammad ... Aleksandra M Walczak
30 Jul 2021
Genetic sonography: the historical and clinical role of fetal echocardiography
G R Devore
Ultrasound in Obstetrics & Gynecology | VOL. 35
G R DevoreG R Devore
29 Apr 2010
Breast cancer detection in mammography using spatial diversity, geostatistics, and concave geometry
Geraldo Braz Junior ... Simara V Da Rocha
Multimedia Tools and Applications | VOL. 78
Geraldo Braz Junior, et. al.Geraldo Braz Junior ... Simara V Da Rocha
25 Jun 2018
A lightweight anomaly detection technique for low-resource IoT devices: A game-theoretic methodology
Hichem Sedjelmaci ... Sidi Mohammed Senouci
-
Hichem Sedjelmaci, et. al.Hichem Sedjelmaci ... Sidi Mohammed Senouci
01 May 2016
View more papers

More From: TELKOMNIKA Indonesian Journal of Electrical Engineering

Paper Title
Journal
Date
Author
Biogeography Based Optimization Tuned Fuzzy Logic Controller to Adjust Speed of Electric Vehicle
Salam Waley ... Nasseer K Bachache
TELKOMNIKA Indonesian Journal of Electrical Engineering | VOL. 16
Salam Waley, et. al.Salam Waley ... Nasseer K Bachache
01 Dec 2015
Optimal Coordination of Overcurrent and Distance Relays Using Cuckoo Optimization Algorithm
Farhad Namdari ... Mohammad Bakhshipour
TELKOMNIKA Indonesian Journal of Electrical Engineering | VOL. 16
Farhad Namdari, et. al.Farhad Namdari ... Mohammad Bakhshipour
01 Dec 2015
Analysis of Amplify-and-Forward Cooperative Networks with Nakagami-m fading Channels For MRC Diversity Combining
Ali Abdulwahhab Mohammed ... Li Yu
TELKOMNIKA Indonesian Journal of Electrical Engineering | VOL. 16
Ali Abdulwahhab Mohammed, et. al.Ali Abdulwahhab Mohammed ... Li Yu
01 Dec 2015
An Interactive Mobile Augmented Reality for Tourism Objects at Purbalingga District
Imam Tahyudin ... Dhanar Intan Surya Saputra
TELKOMNIKA Indonesian Journal of Electrical Engineering | VOL. 16
Imam Tahyudin, et. al.Imam Tahyudin ... Dhanar Intan Surya Saputra
01 Dec 2015
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.