The Research On Botnet Behavior Analysis Based On Data Mining

Posted on:2020-01-13

Degree:Master

Type:Thesis

Country:China

Candidate:L Yao

Full Text:PDF

GTID:2428330590495723

Subject:Software engineering

Abstract/Summary:

PDF Full Text Request

The current cyberattacks based on botnets are one of the most serious security threats to the Internet.Because botnets continue to evolve and the related research on botnet behavior is still not perfect.How to apply some behavioral problems to botnet research and combine the psychology of behind-the-scenes operators to analyze the future trend of botnets is still a durative and challenging problem.In view of the above problems.This paper conducts an analysis of botnet behavior.The main work of this paper consists of two parts:In terms of space,the research on botnet propagation behavior based on Apriori algorithm is proposed.The four-layer hash storage structure is designed and the propagation behavior is divided into scanning behavior and penetration behavior.In the scanning behavior,the botnet controller mining algorithm based on Apriori algorithm is proposed.The stream data is filtered.The botnet real-time footprint calculation algorithm is used to analyze the botnet footprint growth behavior according to the scan stream pattern generation model.In the penetration behavior,We use the penetration behavior mining of Apriori algorithm to analyze botnet command control behavior.Results show that the above methods can work efficiently,locate botnet stream data accurately in the data stream,and provide an accurate model map for behavioral analysis.In terms of time,the behavior of botnet communication activity based on ARIMA time series model is proposed.The controller merging algorithm and the similarity criterion under Fourier transform are proposed to aggregate botnet stream data that has been pretreated.Communicate activity behavior is divided into periodic behavior and hidden behavior.In the periodic behavior,communication cycle mining algorithm with botnet based on ARIMA model is proposed to predict the botnet activity and analyze its behavior characteristics.In the concealed behavior,the periodic propagation rule of botnet is predicted by the triangle fitting formula.Also,it can analyze the hidden features of botnets in the context of growth.Results show that the predictive model of this method can accurately locate the future communication trends of botnets and provide more accurate behavior analysis methods.

Keywords/Search Tags:

Botnet, Data mining, Behavioral analysis, Propagation behavior, Communication activity

PDF Full Text Request

Related items

1	Optimization Analysis Of Business Process Behavior Consistency Based On Process Mining
2	Network Behavior Analysis Of The Spamming Botnet And The Design And Implementation Of Spamming Botnet Detection Algorithms
3	Mining Specific Group Based On The Iterative Behavior Patterns
4	Research On Business Process Mining Based On Communication Behavioral Profile In Petri Net
5	The Application Research Of Data Mining In Campus Network Users To Network Behavior Analysis
6	Behavior Data Mining And Analysis System For Campus Big Data
7	Process Model Change Mining And Change Propagation Based On Petri Net
8	Tourist Behavior Mining And Tourism Activity Recognition Based On Swarm-intelligent Sensing
9	Research On Botnet Countermeasure Technology Based On Behavior Analysis
10	Research On Behavioral Analysis In Foreign Exchange Transaction Based On Data Mining