Mobile botnet detection model based on retrospective pattern recognition

The dynamic nature of botnets, along with their sophisticated characteristics, makes them one of the biggest threats to cyber security. Recently, the HTTP protocol has been widely used by botmasters, as they can easily hide their command and control traffic amongst benign web traffic. This paper proposes a neural network based model to detect mobile HTTP botnets with random intervals, independent of the packet payload, command content, and encryption complexity of bot communications. The results of experimental tests conducted on existing datasets and real-world bot samples show that the proposed method is able to detect mobile HTTP botnets with high accuracy.
