Abstract

With the development of Internet technology, the number of network attack modes keeps growing. APT attacks are one of them, and they have a very serious impact because of their concealment, long-term nature, and purposefulness. Fast-flux botnets are widely used in APT attacks because of their spreading power and destructive power. This article first introduces the basic structure and related knowledge of fast-flux service networks (FFSNs), and then summarizes and compares previous papers on Fast-flux botnet research. To detect Fast-flux botnets effectively, the experiment removed features that require a lot of resources or depend on uncertain factors, and adopted a more convenient feature, AA, which yields a more lightweight detection model. At the same time, because the automatic update module of the detection system promptly feeds back the current traffic situation in the network, accuracy is greatly improved. Experimental results on the CTU-13 and ISOT public data sets show that, compared with other methods, the detection method proposed in this article increases the accuracy rate to 98%.
