Funding: This work was supported by National Council for Scientific and Technological Development (CNPq/Brazil) grants #309129/2017-6 and #432204/2018-0, by Sao Paulo Research Foundation (FAPESP) grant #2018/23098-0, by the Coordination for the Improvement of Higher Education Personnel CAPES/Brazil grants #88887.501287/2020-00 and #88887.509309/2020–00, by the National Teaching and Research Network (RNP) by the GT-Periscope project.
Abstract: The high costs incurred due to attacks and the increasing number of different devices in the Internet of Things (IoT) highlight the necessity of the early detection of botnets (i.e., a network of infected devices) to gain an advantage against attacks. However, early botnet detection is challenging because of continuous malware mutations, the adoption of sophisticated obfuscation techniques, and the massive volume of data. The literature addresses botnet detection by modeling the behavior of malware spread, the classification of malicious traffic, and the analysis of traffic anomalies. This article details ANTE, a system for ANTicipating botnEt signals based on machine learning algorithms. The system adapts itself to different scenarios and detects different types of botnets. It autonomously selects the most appropriate Machine Learning (ML) pipeline for each botnet and improves the classification before an attack effectively begins. The system evaluation follows trace-driven experiments and compares ANTE results to other relevant results from the literature over four representative datasets: ISOT HTTP Botnet, CTU-13, CICDDoS2019, and BoT-IoT. Results show an average detection accuracy of 99.06% and an average bot detection precision of 100%.
Funding: Supported by the National Natural Science Foundation of China (No. 62302213), Key Laboratory of Social Computing and Cognitive Intelligence (Dalian University of Technology), Ministry of Education, China.
Abstract: The rise of online social platforms has enhanced connectivity and access to information. Still, it has also enabled the proliferation of malicious social bots that threaten platform security and disrupt social order. In this paper, we introduce a unified framework for defining and classifying malicious social bots along three dimensions: behavior, interaction, and operation. We then present a comprehensive review of social bot detection methods, tracing their evolution from traditional machine learning techniques to deep learning architectures and graph neural networks, with particular emphasis on recent advances in group-level detection. We also explore the emerging paradigm of Large Language Model (LLM) based bot detection. This paper reviews the current state of research, identifies key challenges, and outlines future directions. It provides a cohesive foundation for building more robust detection frameworks to counter the evolving threats posed by malicious social bots.