Characterising and detection of botnet in P2P network for UDP protocol

Author(s):  
Noor Zuraidin Mohd Safar ◽  
Noryusliza Abdullah ◽  
Hazalila Kamaludin ◽  
Suhaimi Abd Ishak ◽  
Mohd Rizal Mohd Isa

Developments in computer networking have raised concerns about the associated botnet threat to Internet security. A botnet is a set of inter-connected computers or nodes that are infected with malicious software and controlled as a group without the permission of the computers' owners. This paper explores how network traffic characterisation can be used for identification of botnets in local networks. To analyse the characteristics, behaviour or pattern of the botnet in the network traffic, proper network analysis tools are needed. Several network analysis tools available today are used for the analysis process of the network traffic. In the analysis phase, botnet detection strategies based on the signature and DNS anomaly approaches are selected to identify the behaviour and the characteristics of the botnet. In the anomaly approach, most of the behavioural and characteristic identification of the botnet is done by comparing normal and anomalous traffic. The main focus of the network analysis is UDP protocol network traffic. Based on the analysis of the network traffic, the following anomalies are identified: anomalous DNS packet request, the NetBIOS attack, anomalous DNS MX query, DNS amplification attack and UDP flood attack. This study identifies significant botnet characteristics in local network traffic for UDP networks as an additional approach for botnet detection mechanisms.

2014 ◽  
Author(s):  
Timothée E Poisot ◽  
Benjamin Baiser ◽  
Jennifer A Dunne ◽  
Sonia Kéfi ◽  
Francois Massol ◽  
...  

The study of ecological networks is severely limited by (i) the difficulty to access data, (ii) the lack of a standardized way to link meta-data with interactions, and (iii) the disparity of formats in which ecological networks themselves are represented. To overcome these limitations, we conceived a data specification for ecological networks. We implemented a database respecting this standard, and released an R package (`rmangal`) allowing users to programmatically access, curate, and deposit data on ecological interactions. In this article, we show how these tools, in conjunction with other frameworks for the programmatic manipulation of open ecological data, streamline the analysis process and improve replicability and reproducibility of ecological network studies.


2012 ◽  
pp. 360-371
Author(s):  
Sebastian Palus ◽  
Przemyslaw Kazienko ◽  
Radoslaw Michalski

Social network analysis provides helpful reports and comparisons, which may support the corporate human resources management. Several ideas, measurements, interpretations and evaluation methods are presented and discussed in the chapter, in particular group detection, centrality degree, location analysis, process management support, dynamic analysis, and social concept networks.


Author(s):  
Myint Soe Khaing ◽  
Yee Mon Thant ◽  
Thazin Tun ◽  
Chaw Su Htwe ◽  
Mie Mie Su Thwin

2018 ◽  
Vol 132 ◽  
pp. 1668-1677 ◽  
Author(s):  
Lakshya Mathur ◽  
Mayank Raheja ◽  
Prachi Ahlawat

2020 ◽  
Vol 39 (3) ◽  
pp. 4785-4801
Author(s):  
Cho Do Xuan ◽  
Mai Hoang Dao ◽  
Hoa Dinh Nguyen

Advanced Persistent Threat (APT) attacks are a form of malicious, intentionally and clearly targeted attack. This attack technique is growing in both the number of recorded attacks and the extent of its dangers to organizations, businesses and governments. Therefore, the task of detecting and warning of APT attacks in real systems is very necessary today. One of the most effective approaches to APT attack detection is to apply machine learning or deep learning to analyze network traffic. There have been a number of studies and recommendations to analyze network traffic into network flows and then combine them with some classification or clustering methods to look for signs of APT attacks. In particular, recent studies often apply machine learning algorithms to spot the presence of APT attacks based on network flow. In this paper, a new method based on deep learning to detect APT attacks using network flow is proposed. Accordingly, in our research, network traffic is analyzed into IP-based network flows, then the IP information is reconstructed from the flows, and finally deep learning models are used to extract features for distinguishing APT attack IPs from other IPs. Additionally, a combined deep learning model using Bidirectional Long Short-Term Memory (BiLSTM) and Graph Convolutional Networks (GCN) is introduced. The new detection model is evaluated and compared with some traditional machine learning models, i.e. Multi-layer perceptron (MLP) and single GCN models, in the experiments. Experimental results show that the BiLSTM-GCN model has the best performance in all evaluation scores. This not only shows that applying deep learning to network flow analysis to detect APT attacks is a good decision but also suggests a new direction for network intrusion detection techniques based on deep learning.


2014 ◽  
Vol 7 (2) ◽  
pp. 553-578 ◽  
Author(s):  
H. Brenot ◽  
A. Walpersdorf ◽  
M. Reverdy ◽  
J. van Baelen ◽  
V. Ducrocq ◽  
...  

Abstract. The Mediterranean hydrometeorological observatory Cévennes-Vivarais (OHM-CV) coordinates hydrometeorological observations (radars, rain gauges, water level stations) on a regional scale in southeastern France. In the framework of OHM-CV, temporary GPS measurements were carried out for 2 months in autumn 2002, when the heaviest rainfalls are expected. These measurements increase the spatial density of the existing permanent GPS network, by adding three more receivers between the Mediterranean coast and the Cévennes-Vivarais range to monitor the maritime source of water vapour flow feeding the precipitating systems over the Cévennes-Vivarais region. In addition, a local network of 18 receivers covered an area of 30 by 30 km within the field of view of the meteorological radar. These regional and local networks of permanent and temporary stations are used to monitor the precipitable water vapour (PWV) with high temporal resolution (15 min). Also, the dense local network provided data which have been inverted using tomographic techniques to obtain the 3-D field of tropospheric water vapour content. This study presents methodological tests for retrieving GPS tropospheric observations from dense networks, with the aim of assessing the uncertainties of GPS retrievals. Using optimal tropospheric GPS retrieval methods, high resolution measurements of PWV on a local scale (a few kilometres) are discussed for rain events. Finally, the results of 3-D fields of water vapour densities from GPS tomography are analysed with respect to precipitation fields derived from a meteorological radar, showing a good correlation between precipitation and water vapour depletion areas.


2010 ◽  
Vol 5 (5) ◽  
Author(s):  
Binbin Wang ◽  
Zhitang Li ◽  
Dong Li ◽  
Hao Chen ◽  
Feng Liu ◽  
...  

Author(s):  
MANKITI FATI Aristide ◽  
NKOUKA MOUKENGUE Charmolavy Goslavy Lionel ◽  
LOEMBE SOUAMY Rostand Martialy Davy ◽  
PASI BENGI MASATA NZONZOLO André ◽  
NZIENGUI MABIKA Camille

— In this paper, we focused on making a study of the valuation of multimode optical fiber which is used a lot in local networks and yet that we talk less in this last decade which knows an increase of new technologies using an enormous speed. To do so, we made a translation between radio frequency MIMO and optical MIMO; a study which has already been carried out in a framework of comparison of two technologies and in the literature, this convergence is already possible. Note that this is done in terms of transfer functions and of which we have made a very explicit analytical study compared to other studies already carried out in the literature for an educational and didactic objective for future studies in this context. Then we focused on doing our valuation study of multimode optical fiber, through optical MIMO technology, and our thinking was based on the quality of the signal at reception, for this, a study of modulation formats was made, because with the rise of technologies, this of course leads to an increase in speeds, so that certain formats tend to almost total disappearance. During this study, the RZ (Return to zero) format is much better in a larger local network, in terms of its Q factor and NRZ (None Return to Zero), for a smaller network, depending on its bit error rate (BER) and their eye diagrams which have a very large aperture and this is extended for the RZ format.

