http://dx.doi.org/10.9708/jksci.2014.19.4.081

Comparison of HMM and SVM schemes in detecting mobile Botnet  

Choi, Byungha (Research Institute of Information and Communication Convergence Technology)
Cho, Kyungsan (Dept. of Software Science, Dankook University)
Abstract
As mobile devices have developed and become widely used, PC-based malware can move to mobile devices. In particular, mobile Botnets reuse the powerful malicious behavior of PC-based Botnets or add new malicious techniques. Unlike existing PC-based Botnet detection schemes, mobile Botnet detection schemes are generally host-based, because mobile Botnets have various attack vectors and it is difficult to inspect all of them at the same time. In this paper, to overcome the limitations of host-based schemes, we compare two network-based schemes that detect mobile Botnets by applying HMM and SVM techniques. Through verification analysis under real Botnet attacks, we present the detection rates and detection properties of the two schemes.
Keywords
Mobile Botnet; Detection System; HMM; SVM; Detection Rate