WEKO3
アイテム
Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm
https://ipsj.ixsq.nii.ac.jp/records/95717
https://ipsj.ixsq.nii.ac.jp/records/957177a401235-d486-4bcd-8a9b-a148b0aae06f
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JIP2104004.pdf (413.0 kB)
|
Copyright (c) 2013 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | JInfP(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2013-10-15 | |||||||
| タイトル | ||||||||
| タイトル | Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | Mining Botnet Coordinated Attacks using Apriori-PrefixSpan Hybrid Algorithm | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| キーワード | ||||||||
| 主題Scheme | Other | |||||||
| 主題 | [Special Issue on Computer Security Technology for Enriching the Future] botnet, data-mining, Apriori, PrefixSpan | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||
| 資源タイプ | journal article | |||||||
| 著者所属 | ||||||||
| Hitachi Ltd., Security & Smart ID Solutions Division | ||||||||
| 著者所属 | ||||||||
| Department of Frontier Media Science, School of Interdisciplinary Mathematical Sciences, Meiji University/School of Information and Telecommunication Engineering, Tokai University | ||||||||
| 著者所属 | ||||||||
| School of Vocational, Universitas Gadjah Mada | ||||||||
| 著者所属 | ||||||||
| Hitachi Ltd., Hitachi Incident Response Team (HIRT) | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Hitachi Ltd., Security & Smart ID Solutions Division | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Department of Frontier Media Science, School of Interdisciplinary Mathematical Sciences, Meiji University / School of Information and Telecommunication Engineering, Tokai University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| School of Vocational, Universitas Gadjah Mada | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Hitachi Ltd., Hitachi Incident Response Team (HIRT) | ||||||||
| 著者名 |
Masayuki, Ohrui
× Masayuki, Ohrui
|
|||||||
| 著者名(英) |
Masayuki, Ohrui
× Masayuki, Ohrui
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | This paper aims to detect features of coordinated attacks by applying data mining techniques, namely Apriori with PrefixSpan, to the CCC DATAset 2008-2010, which comprises captured packet data and downloading logs. Data mining algorithms enable us to automate the detection of characteristics in large amounts of data, which conventional heuristics cannot deal with. Apriori achieves a high recall but with false positives, whereas PrefixSpan has high precision but low recall. We therefore propose a hybrid of these two algorithms. Our analysis shows a change in the behavior of malware over the past three years. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | This paper aims to detect features of coordinated attacks by applying data mining techniques, namely Apriori with PrefixSpan, to the CCC DATAset 2008-2010, which comprises captured packet data and downloading logs. Data mining algorithms enable us to automate the detection of characteristics in large amounts of data, which conventional heuristics cannot deal with. Apriori achieves a high recall but with false positives, whereas PrefixSpan has high precision but low recall. We therefore propose a hybrid of these two algorithms. Our analysis shows a change in the behavior of malware over the past three years. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AA00700121 | |||||||
| 書誌情報 |
Journal of information processing 巻 21, 号 4, p. 607-616, 発行日 2013-10-15 |
|||||||
| ISSN | ||||||||
| 収録物識別子タイプ | ISSN | |||||||
| 収録物識別子 | 1882-6652 | |||||||
| 出版者 | ||||||||
| 言語 | ja | |||||||
| 出版者 | 情報処理学会 | |||||||
