Yousof Al-Hammadi
DCA for bot detection
Al-Hammadi, Yousof; Aickelin, Uwe; Greensmith, Julie
Abstract
Ensuring the security of computers is a non-trivial task, with many techniques used by malicious users to compromise these systems. In recent years a new threat has emerged in the form of networks of hijacked zombie machines used to perform complex distributed attacks such as denial of service and to obtain sensitive data such as password information. These zombie machines are said to be infected with a dasiahotpsila - a malicious piece of software which is installed on a host machine and is controlled by a remote attacker, termed the dasiabotmaster of a botnetpsila. In this work, we use the biologically inspired dendritic cell algorithm (DCA) to detect the existence of a single hot on a compromised host machine. The DCA is an immune-inspired algorithm based on an abstract model of the behaviour of the dendritic cells of the human body. The basis of anomaly detection performed by the DCA is facilitated using the correlation of behavioural attributes such as keylogging and packet flooding behaviour. The results of the application of the DCA to the detection of a single hot show that the algorithm is a successful technique for the detection of such malicious software without responding to normally running programs.
Citation
Al-Hammadi, Y., Aickelin, U., & Greensmith, J. (2008). DCA for bot detection. In IEEE Congress on Evolutionary Computation, 2008: CEC 2008. IEEE
| Conference Name | IEEE World Congress on Computational Intelligence (WCCI2008), Hong Kong |
|---|---|
| Publication Date | Jan 1, 2008 |
| Deposit Date | May 8, 2009 |
| Publicly Available Date | May 8, 2009 |
| Journal | Proceedings of the IEEE World Congress on Computational Intelligence (WCCI2008), Hong Kong |
| Peer Reviewed | Peer Reviewed |
| Book Title | IEEE Congress on Evolutionary Computation, 2008: CEC 2008 |
| Public URL | https://nottingham-repository.worktribe.com/output/1015440 |
| Publisher URL | http://ieeexplore.ieee.org/xpl/tocresult.jsp?isnumber=4630767&isYear=2008&count=604&page=10&ResultStart=250 |
| Related Public URLs | http://www.wcci2008.org/ |
| Additional Information | Originally presented at the IEEE World Conference on Computational Intelligence, held in Hong Kong, 6-8 June 2008. |
Files
al-hammadi2008.pdf
(177 Kb)
PDF
You might also like
Further Exploration of Necrotic Control of Evolved Art
(2020)
Presentation / Conference Contribution
Necrotic Control of the Aesthetics of Evolved Art
(2020)
Presentation / Conference Contribution
Migration threshold tuning in the deterministic dendritic cell algorithm
(2019)
Book Chapter
The Functional Dendritic Cell Algorithm: A formal specification with Haskell
(2017)
Presentation / Conference Contribution
Exploiting the Plasticity of Primary and Secondary Response Mechanisms in Artificial Immune Systems
(2016)
Presentation / Conference Contribution
Downloadable Citations
About Repository@Nottingham
Administrator e-mail: discovery-access-systems@nottingham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search