{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T16:41:02Z","timestamp":1740156062602,"version":"3.37.3"},"reference-count":38,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2019,3,5]],"date-time":"2019-03-05T00:00:00Z","timestamp":1551744000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"A DDoS (Distributed Denial of Service) attack makes use of a botnet to launch attacks and cause node congestion of wireless sensor networks, which is a common and serious threat. Due to the various kinds of features required in a Peer-to-Peer (P2P) botnet for DDoS attack detection via current machine learning methods and the failure to effectively detect encrypted botnets, this paper extracts the data packet size and the symmetric intervals in flow according to the concept of graphic symmetry. Combined with flow information entropy and session features, the frequency domain features can be sorted so as to obtain features with better correlations, which solves the problem of multiple types of features required for detection. Information entropy corresponding to the flow size can distinguish an encrypted botnet. This method is implemented through machine learning techniques. 
Experimental results show that the proposed method can detect the P2P botnet for DDoS attack and the detection accuracy is higher than that of traditional feature detection.","DOI":"10.3390\/sym11030326","type":"journal-article","created":{"date-parts":[[2019,3,5]],"date-time":"2019-03-05T16:19:50Z","timestamp":1551802790000},"page":"326","source":"Crossref","is-referenced-by-count":14,"title":["A Feature Extraction Method for P2P Botnet Detection Using Graphic Symmetry Concept"],"prefix":"10.3390","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4916-480X","authenticated-orcid":false,"given":"Zhixian","family":"Yang","sequence":"first","affiliation":[{"name":"Institute of Information and Navigation, Air Force Engineering University, Xi\u2019an 710000, China"}]},{"given":"Buhong","family":"Wang","sequence":"additional","affiliation":[{"name":"Institute of Information and Navigation, Air Force Engineering University, Xi\u2019an 710000, China"}]}],"member":"1968","published-online":{"date-parts":[[2019,3,5]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Gelenbe, E., Gellman, M., and Loukas, G. (2004, January 25\u201327). Defending Networks Against Denial of Service Attacks. Proceedings of the Unmanned\/Unattended Sensors and Sensor Setworks, London, UK.","DOI":"10.1117\/12.578502"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Wurzinger, P., Bilge, L., Holz, T., Goebel, J., Kruegel, C., and Kirda, E. (2009, January 21\u201323). Automatically Generating Models for Botnet Detection. Proceedings of the 14th European Symposium on Research in Computer Security, Saint-Malo, France.","DOI":"10.1007\/978-3-642-04444-1_15"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1109\/TIFS.2013.2290197","article-title":"Building a scalable system for stealthy p2p-botnet detection","volume":"9","author":"Zhang","year":"2014","journal-title":"IEEE Trans. Inf. 
Forensics Secur."},{"key":"ref_4","unstructured":"Huseynov, K., Kim, K., and Yoo, P. (2014, January 21\u201324). Semi-supervised Botnet Detection Using Ant Colony System. Proceedings of the 31th Symposium on Cryptography and Information Security, Kagoshima, Japan."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Yin, C. (2014). Towards Accurate Node-based Detection of P2P Botnets. Sci. World J., 2014.","DOI":"10.1155\/2014\/425491"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.cose.2013.04.007","article-title":"Botnet detection based on traffic behavior analysis and flow intervals","volume":"39","author":"Zhao","year":"2013","journal-title":"Comput. Secur."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Narang, P., Khurana, V., and Hota, C. (2014, January 26\u201329). Machine-learning approaches for P2P botnet detection using signal-processing techniques. Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems, Mumbai, India.","DOI":"10.1145\/2611286.2611318"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1016\/j.eswa.2017.01.046","article-title":"Sparse representation of two- and three-dimensional images with fractional Fourier, Hartley, linear canonical, and Haar wavelet transforms","volume":"77","author":"Bartan","year":"2017","journal-title":"Expert Syst. Appl."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"087601","DOI":"10.1103\/PhysRevLett.116.087601","article-title":"Two-Dimensional Correlation of Isotropic and Directional Diffusion Using NMR","volume":"116","author":"Topgaard","year":"2016","journal-title":"Phys. Rev. Lett."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Yan, J.J., Kuo, H.H., Lin, Y.F., and Liao, T.L. (2016, January 4\u20136). Real-time Driver Drowsiness Detection System Based on PERCLOS and Grayscale Image Processing. 
Proceedings of the 2016 International Symposium on Computer, Consumer and Control, Xi\u2019an, China.","DOI":"10.1109\/IS3C.2016.72"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Marnerides, A.K., and Mauthe, A.U. (2016, January 24). Analysis and characterization of botnet scan traffic. Proceedings of the 2016 International Conference on Computing, Networking and Communications (ICNC), Kauai, HI, USA.","DOI":"10.1109\/ICCNC.2016.7440627"},{"key":"ref_12","unstructured":"Chao, L., Wei, J., and Xin, Z. (2009, January 7\u20139). Botnet: Survey and case study. Proceedings of the Fourth International Conference on Innovative Computing, Information and Control (ICICIC), Kaohsiung, Taiwan."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1849","DOI":"10.1002\/sec.898","article-title":"Behavior-based botnet detection in parallel","volume":"7","author":"Wang","year":"2014","journal-title":"Secur. Commun. Netw."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Sinclair, G., Nunnery, C., and Kang, B.B. (2009, January 13\u201314). The waledac protocol: the how and why. Proceedings of the 4th International Conference on Malicious and Unwanted Software (MALWARE), Montreal, QC, Canada.","DOI":"10.1109\/MALWARE.2009.5403015"},{"key":"ref_15","unstructured":"Holz, T., Steiner, M., Dahl, F., Biersack, E., and Freiling, F. (2008, January 5\u201315). Measurements and mitigation of peer-to-peer-based botnets: A case study on storm worm. Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, San Francisco, CA, USA."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"676","DOI":"10.1109\/TIFS.2011.2173486","article-title":"A large-scale empirical study of conficker","volume":"7","author":"Shin","year":"2012","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Binsalleeh, H., Ormerod, T., Boukhtouta, A., Sinha, P., Youssef, A., Debbabi, M., and Wang, L. 
(2010, January 30). On the analysis of the Zeus botnet crimeware toolkit. Proceedings of the Eighth Annual International Conference on Privacy Security and Trust (PST), Ottawa, ON, Canada.","DOI":"10.1109\/PST.2010.5593240"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Andriesse, D., Rossow, C., Stone-Gross, B., Plohmann, D., and Bos, H. (2013, January 22\u201324). Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus. Proceedings of the 8th International Conference on Malicious and Unwanted Software: \"The Americas\" (MALWARE), Fajardo, PR, USA.","DOI":"10.1109\/MALWARE.2013.6703693"},{"key":"ref_19","unstructured":"Gu, G., Zhang, J., and Lee, W. (2008, January 24\u201327). BotSniffer: Detecting botnet command and control channels in network traffic. Proceedings of the 15th Annual Network and Distributed System Security Symposium, San Diego, CA, USA."},{"key":"ref_20","unstructured":"Gu, G., Perdisci, R., Zhang, J., and Lee, W. (August, January 28). BotMiner: Clustering analysis of network traffic for protocol- and structure-independent botnet detection. Proceedings of the USENIX Security Symposium, San Jose, CA, USA."},{"key":"ref_21","unstructured":"Goebel, J., and Holz, T. (2007, January 11\u201313). Rishi: Identify bot contaminated hosts by IRC nickname evaluation. Proceedings of the USENIX HotBots, Cambridge, MA, USA."},{"key":"ref_22","unstructured":"Yen, T.F., and Reiter, M.K. (2008, January 10\u201311). Traffic aggregation for malware detection. Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Paris, France."},{"key":"ref_23","unstructured":"Jun, L., Shunyi, Z., Yanqing, L., and Junrong, Y. (December, January 30). Real-time P2P traffic identification. Proceedings of the IEEE Global Telecommunications Conference, New Orleans, LO, USA."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Wang, P., Wu, L., Aslam, B., and Zou, C. (2015). 
Analysis of Peer-to-Peer botnet attacks and defenses. Propagation Phenomena in Real World Networks, Springer.","DOI":"10.1007\/978-3-319-15916-4_8"},{"key":"ref_25","unstructured":"Kira, K., and Rendell, L.A. (1992, January 12\u201316). The feature selection problem: Traditional methods and a new algorithm. Proceedings of the Tenth National Conference on Artificial Intelligence, San Jose, CA, USA."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1023\/A:1025667309714","article-title":"Theoretical and empirical analysis of ReliefF and RReliefF","volume":"53","author":"Kononenko","year":"2003","journal-title":"Mach. Learn."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1369","DOI":"10.1016\/S0031-3203(02)00262-5","article-title":"Feature fusion: Parallel strategy vs. serial strategy","volume":"36","author":"Yang","year":"2003","journal-title":"Pattern Recogn."},{"key":"ref_28","unstructured":"The Honeynet Project (2007, October 22). French Chapter. Available online: http:\/\/www.honeynet.org\/chapters\/france."},{"key":"ref_29","unstructured":"Nazario, J. (2007, October 22). Black Energy DDoS Bot Analysis. Available online: http:\/\/atlas-public.ec2.arbor.net\/docs\/BlackEnergy\u00feDDoS\u00feBot\u00feAnalysis.pdf."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1016\/j.ymssp.2018.07.044","article-title":"Fault diagnosis of single-phase induction motor based on acoustic signals","volume":"117","author":"Glowacz","year":"2019","journal-title":"Mech. Syst. Signal Process."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Glowacz, A. (2018). Acoustic-Based Fault Diagnosis of Commutator Motor. 
Electronics, 7.","DOI":"10.3390\/electronics7110299"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1016\/j.infrared.2017.12.015","article-title":"Localization of thermal anomalies in electrical equipment using Infrared Thermography and support vector machine","volume":"89","author":"LaibditLeksir","year":"2018","journal-title":"Infrared Phys. Technol."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Glowacz, A. (2018). Recognition of acoustic signals of commutator motors. Appl. Sci., 8.","DOI":"10.3390\/app8122630"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"3","DOI":"10.4316\/AECE.2017.01001","article-title":"Wind Power Prediction Based on LS-SVM Model with Error Correction","volume":"17","author":"Zhang","year":"2017","journal-title":"Adv. Electr. Comput. Eng."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"1077","DOI":"10.1007\/s00170-016-8510-y","article-title":"Comparative analysis of the properties of the nodular cast iron with carbides and the austempered ductile iron with use of the machine learning and the support vector machine","volume":"87","author":"Regulski","year":"2016","journal-title":"Int. J. Adv. Manuf. Technol."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Hu, J., Huang, T., Zhou, J., and Zeng, J. (2018). Electronic Systems Diagnosis Fault in Gasoline Engines Based on Multi-Information Fusion. Sensors, 18.","DOI":"10.3390\/s18092917"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"270","DOI":"10.1784\/insi.2018.60.5.270","article-title":"An image recognition method for gear fault diagnosis in the manufacturing line of short filament fibres","volume":"60","author":"Jin","year":"2018","journal-title":"Insight"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Nanda, M.A., Seminar, K., Nandika, D., and Maddu, A. (2018). A Comparison Study of Kernel Functions in the Support Vector Machine and Its Application for Termite Detection. 
Information, 9.","DOI":"10.3390\/info9010005"}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/11\/3\/326\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,16]],"date-time":"2024-06-16T09:36:38Z","timestamp":1718530598000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/11\/3\/326"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,5]]},"references-count":38,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2019,3]]}},"alternative-id":["sym11030326"],"URL":"https:\/\/doi.org\/10.3390\/sym11030326","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2019,3,5]]}}}