Botnet detection and classification system

Date of Publication

2011

Document Type

Bachelor's Thesis

Degree Name

Bachelor of Science in Computer Science

College

College of Computer Studies

Department/Unit

Computer Science

Thesis Adviser

Miguel N. Gomez

Abstract/Summary

Botnets have been an issue for the past several years. Botnets have multiple capabilities to take over single computers or large networks thus, making them more dangerous than any other malware scattered around the Internet. A sign of a botnet infection is using the connection to send or receive data. Clustering of data to identify botnet activity plays an important role in preparation for future data analysis. Botnets are identified base on their behavior that deviates from a normal network activity. A set of attributes correspond to the behavior, in which it is clustered and analyzed to determine the family of a particular bot however, not all attributes present in the datasets are relevant in determining the botnet family given its behavior. In this paper, several datasets of malicious activity with different selected attributes crucial in correctly clustering botnets to their respective families. The viability of the Self-Organizing Map algorithm to classify botnets is verified during the course of the study.

Abstract Format

html

Language

English

Format

Print

Accession Number

TU14683

Shelf Location

Archives, The Learning Commons, 12F, Henry Sy Sr. Hall

Physical Description

1 v. (various foliations) ; 28 cm.

This document is currently not available here.

Share

COinS