
dc.contributor.author: Ghafir, Ibrahim
dc.contributor.author: Prenosil, V.
dc.contributor.author: Hammoudeh, M.
dc.contributor.author: Baker, T.
dc.contributor.author: Jabbar, S.
dc.contributor.author: Khalid, S.
dc.contributor.author: Jaf, S.
dc.date.accessioned: 2020-01-24T12:16:38Z
dc.date.accessioned: 2020-02-05T15:03:40Z
dc.date.available: 2020-01-24T12:16:38Z
dc.date.available: 2020-02-05T15:03:40Z
dc.date.issued: 2018-06
dc.identifier.citation: Ghafir I, Prenosil V, Hammoudeh M et al (2018) BotDet: a system for real time Botnet command and control traffic detection. IEEE Access. 6: 38947-38958. [en_US]
dc.identifier.uri: http://hdl.handle.net/10454/17617
dc.description: Yes [en_US]
dc.description.abstract: Over the past decade, the digitization of services transformed the healthcare sector leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with high value of patient records attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical ultrastructure systems. There are two stages in the development of the proposed system: 1) we have developed four detection modules to detect different possible techniques used in botnet C&C communications and 2) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate with 82.3% and 13.6%, respectively. Furthermore, it proves BotDet capability of real time detection. [en_US]
dc.language.iso: en [en_US]
dc.relation.isreferencedby: https://doi.org/10.1109/ACCESS.2018.2846740 [en_US]
dc.rights: This work is licensed under a Creative Commons Attribution 3.0 License. For more information, see http://creativecommons.org/licenses/by/3.0/ [en_US]
dc.subject: Critical infrastructure security [en_US]
dc.subject: Healthcare cyber attacks [en_US]
dc.subject: Malware [en_US]
dc.subject: Botnet [en_US]
dc.subject: Command and control server [en_US]
dc.subject: Intrusion detection system [en_US]
dc.subject: Alert correlation [en_US]
dc.title: BotDet: a system for real time Botnet command and control traffic detection [en_US]
dc.status.refereed: Yes [en_US]
dc.date.Accepted: 2018-05-26
dc.date.application: 2018-06-13
dc.type: Article [en_US]
dc.type.version: Published version [en_US]
dc.date.updated: 2020-01-24T12:16:41Z
refterms.dateFOA: 2020-02-05T15:04:08Z


Item file(s)

Name: BotDetASystemforRealTimeBotnet ...
Size: 4.756Mb
Format: PDF
Description: Ghafir_IEEE_Access_Jun_2018
