Naredni sastanak Seminara biće održan onlajn u sredu, 9. april 2025. godine, sa početkom u 19 časova.
Predavač: Đorđe Jovanović, Mathematical Institute SASA
Naslov predavanja: ML-BASED BOTNET DETECTION SYSTEM USING TIME SERIES CHARACTERISTICS
Apstrakt:
Botnets represent a class of computer viruses where a malicious attacker uses a network of infected devices for malicious purposes (DDoS attacks, identity theft, Instagram popularity). With the advent of botnets that target IoT devices, such as Mirai, nowadays even more devices can be easily infected, since they do not possess security capabilities on their own. Therefore, the protection of such devices must be managed from another part of the network. The main question this lecture tries to answer is: can a real-time ML-based security system, which would leverage main characteristics of botnet communication and be as memory efficient as possible, be made? Over a period of four years, live samples of botnet viruses of class Mirai and Gafgyt have been collected, in order to find the common denominator of CnC botnet communication. Afterwards, various ML-pipelines were tested for performance, and a series of experiments demonstrating zero-day attack capabilities was performed. In the end, a feasibility study of performance of an ML-based system in real-time conditions was given.
Napomena:
Registraciona forma za učešće i link za aktivno praćenje predavanja za registrovane korisnike (nakon logovanja):
https://miteam.mi.sanu.ac.rs/asset/CW5nJWDSEZDj7p32p
Neregistrovani korisnici mogu da prate predavanja na ovom linku (bez mogućnosti aktivnog učešća):
https://miteam.mi.sanu.ac.rs/call/hR9vL94nD6QE8qQZj/xET9GcPMyR08nqH8lnS3SE7N5Vf00H7Lp9EBhsv6Lti