Share Email Print

Proceedings Paper

An immunological model for detecting bot activities
Author(s): Md E. Karim; Vir V. Phoha; Md A. Sultan
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

We develop a hierarchical immunological model to detect bot activities in a computer network. In the proposed model antibody (detector)-antigen (foreign object) reactions are defined using negative selection based approach and negative systems-properties are defined by various temporal as well as non-temporal systems features. Theory of sequential hypothesis testing has been used in the literature for identifying spatial-temporal correlations among malicious remote hosts and among the bots within a botnet. We use it for combining multiple immunocomputing based decisions too. Negative selection based approach defines a self and helps identifying non-selves. We define non-selves with respect to various systems characteristics and then use different combinations of non-selves to design bot detectors. Each detector operates at the client sites of the network under surveillance. A match with any of the detectors suggests presence of a bot. Preliminary results suggest that the proposed model based solutions can improve the identification of bot activities.

Paper Details

Date Published: 19 May 2009
PDF: 6 pages
Proc. SPIE 7352, Intelligent Sensing, Situation Management, Impact Assessment, and Cyber-Sensing, 73520U (19 May 2009); doi: 10.1117/12.819073
Show Author Affiliations
Md E. Karim, Louisiana Tech Univ. (United States)
Vir V. Phoha, Louisiana Tech Univ. (United States)
Md A. Sultan, Louisiana Tech Univ. (United States)

Published in SPIE Proceedings Vol. 7352:
Intelligent Sensing, Situation Management, Impact Assessment, and Cyber-Sensing
Stephen Mott; John F. Buford; Gabriel Jakobson, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?