| dc.creator | García, Sebastián | |
| dc.creator | Grill, M. | |
| dc.creator | Stiborek, J. | |
| dc.creator | Zunino Suarez, Alejandro Octavio | |
| dc.date.accessioned | 2016-07-28T19:30:27Z | |
| dc.date.accessioned | 2018-11-06T14:15:39Z | |
| dc.date.available | 2016-07-28T19:30:27Z | |
| dc.date.available | 2018-11-06T14:15:39Z | |
| dc.date.created | 2016-07-28T19:30:27Z | |
| dc.date.issued | 2014-06 | |
| dc.identifier | García, Sebastián; Grill, M.; Stiborek, J.; Zunino Suarez, Alejandro Octavio; An Empirical Comparison of Botnet Detection Methods; Elsevier; Computers & Security; 45; 6-2014; 100-123 | |
| dc.identifier | 0167-4048 | |
| dc.identifier | http://hdl.handle.net/11336/6772 | |
| dc.identifier.uri | http://repositorioslatinoamericanos.uchile.cl/handle/2250/1884494 | |
| dc.description.abstract | The results of botnet detection methods are usually presented without any comparison. Although it is generally accepted that more comparisons with third-party methods may help to improve the area, few papers could do it. Among the factors that prevent a comparison are the difficulties to share a dataset, the lack of a good dataset, the absence of a proper description of the methods and the lack of a comparison methodology. This paper compares the output of three different botnet detection methods by executing them over a new, real, labeled and large botnet dataset. This dataset includes botnet, normal and background traffic. The results of our two methods (BClus and CAMNEP) and BotHunter were compared using a methodology and a novel error metric designed for botnet detections methods. We conclude that comparing methods indeed helps to better estimate how good the methods are, to improve the algorithms, to build better datasets and to build a comparison methodology. | |
| dc.language | eng | |
| dc.publisher | Elsevier | |
| dc.relation | info:eu-repo/semantics/altIdentifier/url/http://www.sciencedirect.com/science/article/pii/S0167404814000923 | |
| dc.relation | info:eu-repo/semantics/altIdentifier/doi/http://dx.doi.org/10.1016/j.cose.2014.05.011 | |
| dc.relation | info:eu-repo/semantics/altIdentifier/doi/10.1016/j.cose.2014.05.011 | |
| dc.rights | https://creativecommons.org/licenses/by-nc-nd/2.5/ar/ | |
| dc.rights | info:eu-repo/semantics/restrictedAccess | |
| dc.subject | Botnet detection | |
| dc.subject | Malware detection | |
| dc.subject | Methods comparison | |
| dc.subject | Botnet dataset | |
| dc.subject | Anomaly detection | |
| dc.subject | Network traffic | |
| dc.title | An Empirical Comparison of Botnet Detection Methods | |
| dc.type | Artículos de revistas | |
| dc.type | Artículos de revistas | |
| dc.type | Artículos de revistas | |
