Botnet C&C Traffic and Flow Lifespans Using Survival Analysis

Simple item page
dc.contributor.authorOujezský, Václavcs
dc.contributor.authorHorváth, Tomášcs
dc.contributor.authorŠkorpil, Vladislavcs
dc.coverage.issue1cs
dc.coverage.volume6cs
dc.date.issued2017-03-27cs
dc.description.abstractThis paper addresses the issue of detecting unwanted traffic in data networks, namely the detection of botnet networks. In this paper, we focused on a time behavioral analysis, more specifically said – lifespans of a simulated botnet network traffic, collected and discovered from NetFlow messages, and also of real botnet communication of a malware. As a method we chose survival analysis and for rigorous testing of differences Mantel–Cox test. Lifespans of those referred traffics are discovered and calculated by lifelines using Python language. Based on our research we have figured out a possibility to distinguish the individual lifespans of C&C communications that are identical to each other by using survival projection curves, although it occurred in a different time course.en
dc.description.abstractThis paper addresses the issue of detecting unwanted traffic in data networks, namely the detection of botnet networks. In this paper, we focused on a time behavioral analysis, more specifically said – lifespans of a simulated botnet network traffic, collected and discovered from NetFlow messages, and also of real botnet communication of a malware. As a method we chose survival analysis and for rigorous testing of differences Mantel–Cox test. Lifespans of those referred traffics are discovered and calculated by lifelines using Python language. Based on our research we have figured out a possibility to distinguish the individual lifespans of C&C communications that are identical to each other by using survival projection curves, although it occurred in a different time course.en
dc.formattextcs
dc.format.extent38-44cs
dc.format.mimetypeapplication/pdfcs
dc.identifier.citationInternational Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems. 2017, vol. 6, issue 1, p. 38-44.en
dc.identifier.doi10.11601/ijates.v6i1.205cs
dc.identifier.issn1805-5443cs
dc.identifier.orcid0000-0001-7629-6299cs
dc.identifier.orcid0000-0001-8659-8645cs
dc.identifier.orcid0000-0003-0957-0563cs
dc.identifier.other134474cs
dc.identifier.researcheridQ-9784-2017cs
dc.identifier.scopus57160133400cs
dc.identifier.urihttp://hdl.handle.net/11012/69225
dc.language.isoencs
dc.publisherInternational Science and Engineering Society, o.s.cs
dc.relation.ispartofInternational Journal of Advances in Telecommunications, Electrotechnics, Signals and Systemscs
dc.relation.urihttp://ijates.org/index.php/ijates/article/view/205cs
dc.rightsCreative Commons Attribution-ShareAlike 4.0 Internationalcs
dc.rights.accessopenAccesscs
dc.rights.sherpahttp://www.sherpa.ac.uk/romeo/issn/1805-5443/cs
dc.rights.urihttp://creativecommons.org/licenses/by-sa/4.0/cs
dc.subjectBotneten
dc.subjectLifespansen
dc.subjectModelingen
dc.subjectNetFlowen
dc.subjectSurvivalen
dc.subjectAnalysisen
dc.subjectBotnet
dc.subjectLifespans
dc.subjectModeling
dc.subjectNetFlow
dc.subjectSurvival
dc.subjectAnalysis
dc.titleBotnet C&C Traffic and Flow Lifespans Using Survival Analysisen
dc.title.alternativeBotnet C&C Traffic and Flow Lifespans Using Survival Analysisen
dc.type.driverarticleen
dc.type.statusPeer-revieweden
dc.type.versionpublishedVersionen
sync.item.dbidVAV-134474en
sync.item.dbtypeVAVen
sync.item.insts2025.10.14 14:12:53en
sync.item.modts2025.10.14 09:53:52en
thesis.grantorVysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií. Ústav telekomunikacícs

Files

Original bundle

Now showing 1 - 1 of 1
Thumbnail Image
Name:
2058531PB.pdf
Size:
2.84 MB
Format:
Adobe Portable Document Format
Description:
2058531PB.pdf
Download

Collections

Ústav telekomunikací