Revealing Selected Features That Influence HTTP Botnet Recognition
DOI:
https://doi.org/10.37338/elti.v4i1.220
Keywords:
HTTP botnet; botnet detection; feature selection; network analysis; statistical approach
Abstract
Botnets have been identified as one of the most prevalent emerging threats, as cybercriminals work persistently to make the majority of computer network users their targets. Consequently, many researchers have conducted numerous studies on botnets and on ways to detect botnets in network traffic. Most of them simply use features in their systems without mentioning the influence of those features on botnet detection. Feature selection is important in botnet detection because it can improve detection accuracy. In addition, existing research focuses more on recognition techniques than on revealing the purpose behind the selection. In this research, a supervised machine learning method was used, and the main focus is on a feature selection technique that reveals the influential features in botnet detection using statistical methods. The results obtained show an accuracy of approximately 91%, which is acceptable for using the influential features to detect botnet activity, and in turn confirm that the statistical approach is proven to distinguish the presence of HTTP botnets in network traffic.