Presentation is loading. Please wait.

Presentation is loading. Please wait.

Integrating BotMiner and SNARE into SMITE Nick Feamster and Wenke Lee Students: Shuang Hao and Junjie Zhang Georgia Tech.

Published byJose Monroe Modified over 10 years ago

Similar presentations

Presentation on theme: "Integrating BotMiner and SNARE into SMITE Nick Feamster and Wenke Lee Students: Shuang Hao and Junjie Zhang Georgia Tech."— Presentation transcript:

1 Integrating BotMiner and SNARE into SMITE Nick Feamster and Wenke Lee Students: Shuang Hao and Junjie Zhang Georgia Tech

2 Current Status Implementations using flows from pipeline –SNARE (Perl + R), uses SMTP (port 25) –BotMiner (Java + R + MySQL) Offline performance evaluation BotMiner SNARE

3 Evaluation Configuration: –1 day of packet capture from university network –2-processor dual-core Intel Xeon 2.0 GHz, with 8 GB of RAM SNARE –Extract features (Perl): 1072.27 seconds, 72 MB –Training (R):472.03 seconds, 3.3 GB –Detection time (R): 3.13 seconds, 120 MB BotMiner –Prune, insert into DB: 25,200 seconds –Aggregate c-flows: 61 seconds –Cross-plane correlation: 175 seconds

4 Next Steps Re-design aspects of SNARE for online detection (currently, works on labeled datasets) Online evaluation in the university network Applying sampling to improve the performance

Download ppt "Integrating BotMiner and SNARE into SMITE Nick Feamster and Wenke Lee Students: Shuang Hao and Junjie Zhang Georgia Tech."

Similar presentations

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.
Symantec 2010 Windows 7 Migration Global Results.

Symantec 2010 Windows 7 Migration Global Results.
Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.
Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.
Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu1,2, Roberto Perdisci3, Junjie Zhang1,

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu1,2, Roberto Perdisci3, Junjie Zhang1,
Campus Testbed for Network Management and Operations Nick Feamster Georgia Tech Joint with Ankur Nayak, Russ Clark, Ron Hutchins, Campus OIT Also input.

Campus Testbed for Network Management and Operations Nick Feamster Georgia Tech Joint with Ankur Nayak, Russ Clark, Ron Hutchins, Campus OIT Also input.
1 Integrating BotMiner & SNARE into SMITE Nick Feamster and Wenke Lee Georgia Tech Students: Shuang Hao, Junjie Zhang.

1 Integrating BotMiner & SNARE into SMITE Nick Feamster and Wenke Lee Georgia Tech Students: Shuang Hao, Junjie Zhang.
1 Network-Level Spam Detection Nick Feamster Georgia Tech.

1 Network-Level Spam Detection Nick Feamster Georgia Tech.
6/1/2014FLOCON 2009, Scottsdale, AZ. DoD Disclaimer 6/1/2014FLOCON 2009, Scottsdale, AZ This document was prepared as a service to the DoD community.

6/1/2014FLOCON 2009, Scottsdale, AZ. DoD Disclaimer 6/1/2014FLOCON 2009, Scottsdale, AZ This document was prepared as a service to the DoD community.
Solving Manufacturing Equipment Monitoring Through Efficient Complex Event Processing Tilmann Rabl, Kaiwen Zhang, Mohammad Sadoghi, Navneet Kumar Pandey,

Solving Manufacturing Equipment Monitoring Through Efficient Complex Event Processing Tilmann Rabl, Kaiwen Zhang, Mohammad Sadoghi, Navneet Kumar Pandey,
ArcGIS Server Architecture at the DNR GIS/LIS Conference, October 2013.

ArcGIS Server Architecture at the DNR GIS/LIS Conference, October 2013.
The Protein Folding Problem David van der Spoel Dept. of Cell & Mol. Biology Uppsala, Sweden

The Protein Folding Problem David van der Spoel Dept. of Cell & Mol. Biology Uppsala, Sweden
Dawei Lin, Ph.D. Director, Bioinformatics Core UC Davis Genome Center July 20, 2008, SLIMS (Solexa sequencing.

Dawei Lin, Ph.D. Director, Bioinformatics Core UC Davis Genome Center July 20, 2008, SLIMS (Solexa sequencing.
1 A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection 許富皓 資訊工程學系 中央大學 1.

1 A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection 許富皓 資訊工程學系 中央大學 1.
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
Target Learning for Wireless Sensor Networks Prasanth Jeevan.

Target Learning for Wireless Sensor Networks Prasanth Jeevan.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
Motor Vehicle Inspector. About Mobile vehicle Inspector is application for traffic check post officers to fine and maintain the records for the defaulting.

Motor Vehicle Inspector. About Mobile vehicle Inspector is application for traffic check post officers to fine and maintain the records for the defaulting.
Big Data and Hadoop and DLRL Introduction to the DLRL Hadoop Cluster Sunshin Lee and Edward A. Fox DLRL, CS, Virginia Tech 21 May 2015 presentation for.

Big Data and Hadoop and DLRL Introduction to the DLRL Hadoop Cluster Sunshin Lee and Edward A. Fox DLRL, CS, Virginia Tech 21 May 2015 presentation for.

Similar presentations

Ads by Google