Online Botnet Detection Algorithm Using MapReduce

Jiang Hong-ling① Shao Xiu-li① Li Yao-fang②
①(College of Information Technical Science, Nankai University, Tianjin 300071, China)
②(College of Computer and Information, Tianjin Institute of Urban Construction, Tianjin 300384, China)
Abstract: Most current botnet detection approaches are based on analyzing network traffic, and they usually rely on the malicious behaviors of bots or need information provided by external systems. In addition, the heavy computation of traditional approaches makes it difficult to meet real-time requirements. An online botnet detection approach based on MapReduce is therefore proposed. The approach detects botnets by analyzing network traffic and extracting the intra-relationship of flows. The data analysis is carried out on a cloud platform, which lets data capture and data analysis run simultaneously and so realizes online detection. The experimental results show that the detection rate of the approach can reach 90% and the false positive rate is below 5%. When the data is large, the speedup is close to linear. This proves the feasibility of applying cloud computing technologies to botnet detection.
Received: 12 November 2012
Corresponding Authors:
Jiang Hong-ling
E-mail: hellojhl@163.com