Наредни састанак Семинара биће одржан онлајн у среду, 9. април 2025. године, са почетком у 19 часова.
Предавач: Ђорђе Јовановић, Mathematical Institute SASA
Наслов предавања: ML-BASED BOTNET DETECTION SYSTEM USING TIME SERIES CHARACTERISTICS
Апстракт:
Botnets represent a class of computer viruses where a malicious attacker uses a network of infected devices for malicious purposes (DDoS attacks, identity theft, Instagram popularity). With the advent of botnets that target IoT devices, such as Mirai, nowadays even more devices can be easily infected, since they do not possess security capabilities on their own. Therefore, the protection of such devices must be managed from another part of the network. The main question this lecture tries to answer is: can a real-time ML-based security system, which would leverage main characteristics of botnet communication and be as memory efficient as possible, be made? Over a period of four years, live samples of botnet viruses of class Mirai and Gafgyt have been collected, in order to find the common denominator of CnC botnet communication. Afterwards, various ML-pipelines were tested for performance, and a series of experiments demonstrating zero-day attack capabilities was performed. In the end, a feasibility study of performance of an ML-based system in real-time conditions was given.
Напомена:
Регистрациона форма за учешће и линк за активно праћење предавања за регистроване кориснике (након логовања):
https://miteam.mi.sanu.ac.rs/asset/CW5nJWDSEZDj7p32p
Нерегистровани корисници могу да прате предавања на овом линку (без могућности активног учешћа):
https://miteam.mi.sanu.ac.rs/call/hR9vL94nD6QE8qQZj/xET9GcPMyR08nqH8lnS3SE7N5Vf00H7Lp9EBhsv6Lti
