http://dx.doi.org/10.7472/jksii.2017.18.1.11

A Study on the Clustering method for Analysis of Zeus Botnet Attack Types in the Cloud Environment  

Bae, Won-il (Department of Computer Engineering, Ajou University)
Choi, Suk-June (Department of Computer Engineering, Ajou University)
Kim, Seong-Jin (National Security Research Institute)
Kim, Hyeong-Cheon (National Security Research Institute)
Kwak, Jin (Department of Cyber Security, Ajou University)
Publication Information
Journal of Internet Computing and Services / v.18, no.1, 2017, pp. 11-20
Abstract
Recently, cloud computing technology has been developed and utilized in various fields. While the demand for cloud computing services is increasing, security threats in cloud computing environments are also increasing. In particular, when hosts interconnected in a cloud environment are infected by malware and the infection propagates, it can affect the resources of other hosts and lead to other security threats such as the spread of personal information and data deletion. Therefore, studies of malware analysis to respond to these security threats have been actively pursued. This paper proposes a method for clustering Zeus botnet attack types using the k-means clustering algorithm, for the analysis of malware that occurs in cloud environments. By clustering the malicious activity of the Zeus botnet occurring in cloud environments by type, it is possible to determine whether it is malware or not. In the future, the goal is to respond to attacks by new types of Zeus botnet that may occur in cloud environments.
Keywords
Cloud computing; K-means clustering; Zeus botnet; OpenStack