Detection of P2P botnets based on support vector machine : case study

Abstract EN

Botnet is a general term referring to a group of automated software robots that run without human intervention (malware code).

Nowadays, Botnets produces a major threat to the cyber security (Information Assurance) of computing assets.

Therefore, you need to protect our huge confidential and personal information through the use of web interfaces such as online passwords, corporate secrets, online banking accounts, and social networking accounts like Facebook.

Network traffic analysis is an important component in the management and security of current networks and in the design and planning on future networks.

This study enables the researcher : (a) to study botnet topologies, behavior and lifecycle events and actions (b) to combine normal web traffic and normal P2P traffic for binary classification ; (c) to produce simulated network flow data comparable to the activities of a botnet controller or "bots”, and hosts under attack (testing samples) ; and (d) to detection and identifies P2P botnet framework using Support Vector Machine (SVM) based on statistical features.