Yes / Over the past decade, the digitization of services transformed the healthcare sector leading to
a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with high value
of patient records attracted the attention of hackers. Sophisticated advanced persistent threats and malware
have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to
the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can
be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet,
for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical
ultrastructure systems. There are two stages in the development of the proposed system: 1) we have developed
four detection modules to detect different possible techniques used in botnet C&C communications and
2) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection
modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate
with 82.3% and 13.6%, respectively. Furthermore, it proves BotDet capability of real time detection.
Identifer | oai:union.ndltd.org:BRADFORD/oai:bradscholars.brad.ac.uk:10454/17617 |
Date | 24 January 2020 |
Creators | Ghafir, Ibrahim, Prenosil, V., Hammoudeh, M., Baker, T., Jabbar, S., Khalid, S., Jaf, S. |
Source Sets | Bradford Scholars |
Language | English |
Detected Language | English |
Type | Article, Published version |
Rights | This work is licensed under a Creative Commons Attribution 3.0 License. For more information, see http://creativecommons.org/licenses/by/3.0/ |
Page generated in 0.0169 seconds