Acknowledgement
Supported by: National Research Foundation of Korea (한국연구재단)