Botnet Detection System Analysis on the Effect of Botnet Evolution and Feature Representation

Created by W.Langdon from gp-bibliography.bib Revision:1.4340

  author =       "Fariba Haddadi and A. Nur Zincir-Heywood",
  title =        "Botnet Detection System Analysis on the Effect of
                 Botnet Evolution and Feature Representation",
  booktitle =    "SecDef'2015 - Workshop on genetic and evolutionary
                 computation in defense, security and risk management",
  year =         "2015",
  editor =       "Frank W. Moore and Nur Zincir-Heywood",
  isbn13 =       "978-1-4503-3488-4",
  keywords =     "genetic algorithms, genetic programming",
  pages =        "893--900",
  month =        "11-15 " # jul,
  organisation = "SIGEVO",
  address =      "Madrid, Spain",
  URL =          "",
  DOI =          "doi:10.1145/2739482.2768435",
  publisher =    "ACM",
  publisher_address = "New York, NY, USA",
  abstract =     "Botnets are known as one of the main destructive
                 threats that have been active since 2003 in various
                 forms. The ability to upgrade the structure and
                 algorithms on the fly is part of what causes botnets to
                 survive for more than a decade. Hence, one of the main
                 concerns in designing a botnet detection system is how
                 long such a system can be effective and useful
                 considering the evolution of a given botnet.
                 Furthermore, the data representation and the feature
                 extraction components have always been an important
                 issue in order to design a robust detection system. In
                 this work, we employ machine learning algorithms
                 (genetic programming and decision trees) to explore two
                 questions: (i) How can the representation of
                 non-numeric features affect the detection system's
                 performance? and (ii) How long can a machine learning
                 based detection system perform effectively? To this
                 end, we gathered seven Zeus botnet data sets over a
                 period of four years and analysed three different data
                 representation techniques to be able to explore
                 the aforementioned questions.",
  notes =        "Also known as \cite{2768435} Distributed at
