Poster abstract: Themis: A data-driven approach to bot detection

Patrick Kalmbach, Andreas Blenk, Wolfgang Kellerer, Stefan Schmid

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

We propose Themis, a bot detection approach based on the inference of the structure of time varying IP-to-IP communication with the Stochastic Block Model (SBM). Themis uses the inferred structure to detect and quantify abnormal behavior of individual hosts. The novelty of our approach is the use of probabilistic inference directly on host interactions to model normality. The challenges of our approach are the adaptation of the inference process to obtain usable outputs in a dynamic system, and the specification of abnormal behavior with respect to the inferred structure. Themis identifies infected hosts with accuracy larger 95 % and compares favorably against state of the art botnet detection mechanisms.

Original languageEnglish
Title of host publicationINFOCOM 2018 - IEEE Conference on Computer Communications Workshops
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-2
Number of pages2
ISBN (Electronic)9781538659793
DOIs
StatePublished - 6 Jul 2018
Event2018 IEEE Conference on Computer Communications Workshops, INFOCOM 2018 - Honolulu, United States
Duration: 15 Apr 201819 Apr 2018

Publication series

NameINFOCOM 2018 - IEEE Conference on Computer Communications Workshops

Conference

Conference2018 IEEE Conference on Computer Communications Workshops, INFOCOM 2018
Country/TerritoryUnited States
CityHonolulu
Period15/04/1819/04/18

Keywords

  • Bot Detection
  • Cyber Security
  • Probabilistic Inference
  • Stochastic Block Model
  • Unsupervised Learning

Fingerprint

Dive into the research topics of 'Poster abstract: Themis: A data-driven approach to bot detection'. Together they form a unique fingerprint.

Cite this