文化大學機構典藏 CCUR:Item 987654321/32071
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 46962/50828 (92%)
Visitors : 12477458      Online Users : 656
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/32071


    Title: 基於網路流量之殭屍網路偵測之研究
    Detection of HTTP Botnet Based on Network Traffic
    Authors: 孔新
    Contributors: 全球商務碩士學位學程碩士班
    Keywords: 殭屍網絡檢測
    基於HTTP的殭屍網絡
    HTTP的功能
    C&C通道
    數據挖掘
    決策樹
    Botnet detection
    HTTP-based botnet
    HTTP features
    C&C channel
    Data mining
    Decision tree
    Date: 2016
    Issue Date: 2016-02-24 15:28:26 (UTC+8)
    Abstract: Internet has become an essential part of everyday communication and every daily life. Mostly people often go online but do not careful enough to think about the security and how to protect their computer from the threat. Generally, people cannot predict about when and how they get an attack from the threat when they click to the unreliable websites. Botnet is the one kind of most dangerous threat which occurred from using the Internet. The characteristic of botnet is the group of infected computers which connected to the Internet and were controlled by the attacker or hacker to command the operation in several network attacks and several forms. The threat and malicious activities include DDoS attack, spamming, thieving personal information, illegal hosting and sale or rent services, click fraud and adware. There are two popular based on botnet attack. IRC-based botnet is formerly based generation and the HTTP-based botnet is the presently based generation. HTTP-based botnet could be found to identify difficulty because they use the standard HTTP protocol to communicate between bots and botmaster, which means it easier to evade the protection system like the anti-virus programs. Many methods which based on the behavior analysis system were provided to detect the HTTP-based botnet but the botnet still can conceal their behavior from that methods. Therefore, this paper will add the critical of HTTP feature to improve the probability to detect the botnet including the new botnet which never found a pattern before. HTTP features were used to apply the data mining approach with decision tree algorithm to automate detecting the malicious characteristics from a big data. Additionally, the feature filters and algorithms were used to analyze the network packets to trails the evidence of suspicious activities of HTTP botnet. Finally, the confusion matrix will be used to estimate and prove the result for better detection rate.
    Appears in Collections:[English Program of Global Business] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML349View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback