- 【Updated on May 12, 2025】 Integration of CiNii Dissertations and CiNii Books into CiNii Research
- Trial version of CiNii Research Knowledge Graph Search feature is available on CiNii Labs
- 【Updated on June 30, 2025】Suspension and deletion of data provided by Nikkei BP
- Regarding the recording of “Research Data” and “Evidence Data”
Apriori-PrefixSpan Hybrid Approach for Automated Detection of Botnet Coordinated Attacks
Description
This paper aims to detect features of coordinated attacks by applying data mining techniques, Apriori and Prefix Span, to the CCC DATA set 2008-2010 which consists of the captured packets data and the downloading logs. Data mining algorithms allow us to automate detecting characteristics from large amount of data, which the conventional heuristics could not apply. Apriori a chives high recall but with false positive, while Prefix Span has high precision but low recall. Hence, we propose hybriding these algorithms. Our analysis shows the change in behavior of malware over the past 3 years.
Journal
-
- 2011 14th International Conference on Network-Based Information Systems
-
2011 14th International Conference on Network-Based Information Systems 92-97, 2011-09-01
IEEE