Using Logistic Regression for effective feature extraction on botnet detection


Bibliographic Details
Main Authors: Chun-Liang Lin, 林俊良
Other Authors: Ce-Kuen Shieh
Format: Others
Language: en_US
Published: 2014
Online Access: http://ndltd.ncl.edu.tw/handle/65222754286754131185
Description
Summary: Master's === National Cheng Kung University === Institute of Computer and Communication Engineering === 102 === As network technology has developed, botnets have also become more robust and resilient, and different types of botnet have emerged along the way. Of these, the P2P botnet has the most complicated structure, and it is hard to detect by network behavior analysis at a single site. Most such methods define a set of network behavior features for detecting botnet communication, but these features might not fit every botnet. Therefore, we propose a botnet detection scheme that uses a logistic regression model to automatically choose the features suitable for each botnet. After the statistical analysis, we use the selected features to run a distributed co-clustering algorithm in MapReduce, which gathers traffic with the same behavior together and extracts the malicious IPs. Combining these two models lets us automatically choose the corresponding features for each botnet in order to detect the P2P botnet.