Abstract
In recent years, botnet is one of the major threats to network security. Many approaches have been proposed to detect botnets by comparing bot features. Usually, these approaches adopt traffic reduction strategy as first step to reduce the flow to following strategies by filtering packets. With the rapid development of network hardware and software the network speed has reached to multi-gigabit. However, analyzing header and payload of every packet consumes huge amount of computational resources and is not suitable for many realistic situations. Although signature-based solutions are accurate, it is not possible to detect bot variants in real-time. In this study, we proposed a GPU-based botnet detection approach. The experimental results show that the network traffic reduction stage on GPU can achieve about 8x times over CPU based botnet detection tool. The proposed algorithm can used to improve the performance of botnet detection tools efficiently.
Original language | English |
---|---|
Title of host publication | 2014 IEEE/ACIS 13th International Conference on Computer and Information Science, ICIS 2014 - Proceedings |
Editors | Yan Han, Wenai Song, Simon Xu, Lichao Chen, Roger Lee |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 65-70 |
Number of pages | 6 |
ISBN (Electronic) | 9781479948604 |
DOIs | |
State | Published - 26 09 2014 |
Externally published | Yes |
Event | 2014 13th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2014 - Proceedings - Taiyuan, China Duration: 04 06 2014 → 06 06 2014 |
Publication series
Name | 2014 IEEE/ACIS 13th International Conference on Computer and Information Science, ICIS 2014 - Proceedings |
---|
Conference
Conference | 2014 13th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2014 - Proceedings |
---|---|
Country/Territory | China |
City | Taiyuan |
Period | 04/06/14 → 06/06/14 |
Bibliographical note
Publisher Copyright:© 2014 IEEE.
Keywords
- Bot
- Botnet
- GPU
- Network Security
- Parallel Computing
- TCP