Ontological Engineering Approach Towards Botnet Detection in Network Forensics
Journal Title: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY - Year 2013, Vol 10, Issue 9
Abstract
The abundance in the usage of Internet, in every arena of life from social to personal, commercial to domestic and other aspects of life as well, leads the rise in cybercrime at an upsetting speed. More illegal activities as a result of cyber crime, reason to tempts many network attacks and threats. Network forensics is the branch of fornesics that deals in the detection of network attacks. Botnet is one of the most common attacks, but hazardos. It  is a network of hacked computers It  involves the capturing, storing and then analysis of the network packets, in order to identify the source of the attack.  Various methods based on this approach for botnet detection are suggested in literature but there is no generalized method to represent the basic methodology used by any of the botnet detection method. With such guidelines, the comparison among the various implementations, a roadmap for the new implementation, development of reusable implementations can be addressed. Accordingly, there is a requirement of a generic framework that can characterize the general methodology followed by any of the botnet detection methods. This paper, review various prevalent methods of botnet detection to extract commonalities among them. A global model for the detection of botnets is represented as ontology. Ontology is used as a means of knowledge representation. The botnet ontology is represented using Web Ontology Language (OWL). OWL is used because it is a language with layered architecture and high expressive power.Â
Authors and Affiliations
Sukhdilpreet Kaur, Amandeep Verma
Keywords
Related Articles
- EP ID EP650242
- DOI 10.24297/ijct.v10i9.1390
- Views 104
- Downloads 0
Optimal Parallelization Of Loop Structures
This paper is intended to be a follow up of the work done by the authors in previous articles. On one hand it is concluded with a theorem that proves to be a definite answer to one very important research direction and o...
Aggregating IDS Alerts Based on Time Threshold: Testing and Results
Every secure system has the possibility to fail. Therefore, extra effort should be taken to protect these systems. Intrusion Detection Systems (IDSs) had been proposed with the aim of providing extra protection to securi...
Performance Evaluation of Log-normal And Negative Exponential Channel Modeling Using Various Modulation Techniques in OFDM-FSO Communication
Free Space Optics (FSO) is one of the emerging technology which is thoroughly being popular and is basically using optical signals for the communication. The paper evaluates the bit error rate performance of the Free spa...
ANALYSIS OF SUCCESS DRIVERS OF E-HEALTH INFRASTRUCTURE AND USE: A NATIONAL LEVEL STUDY
e-Health, in form of websites that contain information on health, is emerging as an important resource for common people in some developed nations. The purpose of the study is to explore the critical factors that drive t...
Predilection of Reusability over Maintainability in Aspect-Oriented Systems
Maintenance is the important phase in software development lifecycle which initiates after the software has been deployed for use. Reusability is an important area of concern which depicts the extent to which a module c...