Tunghai University Department of Computer Science - Seminars - Semester Lectures - [106.11.27] A Botnet Detection System Based on Machine-Learning using Flow-Based Features

[106.11.27] A Botnet Detection System Based on Machine-Learning using Flow-Based Features

  • Unit: Network Group
  • Category: Semester Lecture
  • Date: 2017-11-21
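Time: Monday, November 27, 106 (ROC calendar), 19:30~20:50
Venue: Room SS109, College of Social Sciences

Speaker: Prof. 孫宏民 (Department of Computer Science, Tsing Hua University)
Title: A Botnet Detection System Based on Machine-Learning using Flow-Based Features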

Abstract

Botnets have always been a formidable cyber security threat. They are growing rapidly now that the Internet of Things (IoT) has become an important issue and the number of Internet-connected smart devices has increased by more than 15% annually. Although PC antivirus solutions have been developed for a long time, they are still problematic. The security of smartphones has only come into the spotlight in the last few years, not to mention the fact that smart devices and the IoT are still at their growing stages. As such, the security of smart devices is full of uncertainties. In the foreseeable future, more devices will become bots in botnets. In this work, we propose a system to detect potential botnets by analyzing the flows on the Internet. The system classifies similar flow traffic into groups, and then extracts the behavior patterns of each group for machine learning. The system can not only analyze P2P botnets but also extract patterns at the application layer, so it can analyze botnets that use HTTP protocols.