Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm
Description
This paper aims to detect features of coordinated attacks by applying data mining techniques, namely Apriori with PrefixSpan, to the CCC DATAset 2008-2010, which comprises captured packet data and downloading logs. Data mining algorithms enable us to automate the detection of characteristics in large amounts of data, which conventional heuristics cannot deal with. Apriori achieves a high recall but with false positives, whereas PrefixSpan has high precision but low recall. We therefore propose a hybrid of these two algorithms. Our analysis shows a change in the behavior of malware over the past three years.

This is a preprint of an article intended for publication in the Journal of Information Processing (JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.21 (2013) No.4 (online), DOI http://dx.doi.org/10.2197/ipsjjip.21.607
Journal
- IPSJ Journal (情報処理学会論文誌) 54 (9), 2013-09-15
Details
- CRID: 1050001337903306752
- NII Article ID: 110009605625
- NII Book ID: AN00116647
- ISSN: 18827764
- Text Lang: en
- Article Type: journal article
- Data Source: IRDB, CiNii Articles