| 講演名 | 2019-07-04 Traffic Feature-based Botnet Detection Scheme Emphasizing the Importance of Long Patterns 安 毅宸(慶大), 春田 秀一郎(慶大), 崔 相勳(慶大), 笹瀬 巌(慶大), |
|---|---|
| PDFダウンロードページ |  PDFダウンロードページへ |
| 抄録(和) | |
| 抄録(英) | The botnet detection is imperative. Among several detection schemes, the promising one uses the communication sequences. The main idea of that scheme is that the communication sequences represent special feature since they are controlled by programs. That sequence is tokenized to truncated sequences by $n$-gram and the numbers of each pattern's occurrence are used as a feature vector. However, although the features are normalized by the total number of all patterns' occurrences, the number of occurrences in larger $n$ are less than those of smaller $n$. That is, regardless of the value of $n$, the previous scheme normalizes it by the total number of all patterns' occurrences. As a result, normalized long patterns' features become very small value and are hidden by others. In order to overcome this shortcoming, in this paper, we propose tit. We realize the emphasizing by two ideas. The first idea is normalizing occurrences by the total number of occurrences in each $n$ instead of the total number of all patterns' occurrences. By doing this, smaller occurrences in larger $n$ are normalized by smaller values and the feature becomes more balanced with larger value. The second idea is giving weights to the normalized features by calculating ranks of the normalized feature. By weighting features according to the ranks, we can get more outstanding features of longer patterns. By the computer simulation with real dataset, we show the effectiveness of our scheme. |
| キーワード(和) | |
| キーワード(英) | botnet detectionmachine learningfeature emphasizing |
| 資料番号 | CS2019-18 |
| 発行日 | 2019-06-27 (CS) |
| 研究会情報 | |
| 研究会 | CS |
|---|---|
| 開催期間 | 2019/7/4(から2日開催) |
| 開催地(和) | 奄美市福祉協議会 奄美市社会福祉センター |
| 開催地(英) | Amami City Social Welfare Center |
| テーマ(和) | 次世代ネットワーク,アクセスネットワーク,ブロードバンドアクセス方式,電力線通信,無線通信方式,符号化方式,一般 |
| テーマ(英) | Next Generation Networks, Access Networks, Broadband Access, Power Line Communications, Wireless Communication Systems, Coding Systems, etc. |
| 委員長氏名(和) | 中里 秀則(早大) |
| 委員長氏名(英) | Hidenori Nakazato(Waseda Univ.) |
| 副委員長氏名(和) | 寺田 純(NTT) |
| 副委員長氏名(英) | Jun Terada(NTT) |
| 幹事氏名(和) | 金井 謙治(早稲田大) / 名倉 健一(三菱電機) |
| 幹事氏名(英) | Kenji Kanai(Waseda Univ.) / Kenichi Nakura(Mitsubishi Electric) |
| 幹事補佐氏名(和) | 原 一貴(NTT) / 斉藤 洋之(OKI) |
| 幹事補佐氏名(英) | Kazutaka Hara(NTT) / Hiroyuki Saito(OKI) |
| 講演論文情報詳細 | |
| 申込み研究会 | Technical Committee on Communication Systems |
|---|---|
| 本文の言語 | ENG |
| タイトル(和) | |
| サブタイトル(和) | |
| タイトル(英) | Traffic Feature-based Botnet Detection Scheme Emphasizing the Importance of Long Patterns |
| サブタイトル(和) | |
| キーワード(1)(和/英) | / botnet detectionmachine learningfeature emphasizing |
| 第 1 著者 氏名(和/英) | 安 毅宸 / Yichen An |
| 第 1 著者 所属(和/英) | 慶應義塾大学(略称:慶大) Keio University(略称:Keio Univ.) |
| 第 2 著者 氏名(和/英) | 春田 秀一郎 / Shuichiro Haruta |
| 第 2 著者 所属(和/英) | 慶應義塾大学(略称:慶大) Keio University(略称:Keio Univ.) |
| 第 3 著者 氏名(和/英) | 崔 相勳 / Sanghun Choi |
| 第 3 著者 所属(和/英) | 慶應義塾大学(略称:慶大) Keio University(略称:Keio Univ.) |
| 第 4 著者 氏名(和/英) | 笹瀬 巌 / Iwao Sasase |
| 第 4 著者 所属(和/英) | 慶應義塾大学(略称:慶大) Keio University(略称:Keio Univ.) |
| 発表年月日 | 2019-07-04 |
| 資料番号 | CS2019-18 |
| 巻番号(vol) | vol.119 |
| 号番号(no) | CS-101 |
| ページ範囲 | pp.31-35(CS), |
| ページ数 | 5 |
| 発行日 | 2019-06-27 (CS) |