Hatada, M.
and Scholl, M.
(2020),
An Empirical Study on Flow-based Botnet Attacks Prediction, Technical Note (NIST TN), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.TN.2111
(Accessed April 28, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
An Empirical Study on Flow-based Botnet Attacks Prediction
Published
Author(s)
,
Abstract
In the era of the Internet of Things, botnet threats are rising, which has prompted many studies on botnet detection and measurement. In contrast, this study aims to predict botnet attacks, such as massive spam emails and distributed denial-of-service attacks. To that end, this empirical study presents a prediction method for botnet attacks. The method leverages measurement of command and control (C2) activities and automated labeling by associating C2 with attacks. The method was evaluated using a large-scale, real-world, and long-term dataset. The result shows that the proposed method can predict an increase in attacks with an accuracy of 0.767. The contribution to prediction was further analyzed in terms of features and time.Citation
Technical Note (NIST TN) - 2111
Report Number
2111
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
Attack prediction, botnet, command and control, LSTM
Citation
Created October 21, 2020, Updated October 27, 2020