Deployed on AWS
This solution can identify signatures of Botnet activity in an IT network.
Overview
Botnet Detector is a cutting-edge supervised machine learning model specifically trained on network traffic data to detect botnet activity with unparalleled accuracy.
Botnets pose a significant threat to networks worldwide, causing damages worth billions. However, with this solution, you can protect your network by detecting even the stealthiest botnets in real-time, ensuring your data and privacy remain uncompromised.
Botnet detector is capable of detecting a wide range of botnet behaviors, including Command and Control (C&C) communication, malware distribution, and Distributed Denial of Service (DDoS) attacks.
Highlights
- Botnet detector facilitates an important aspect of abnormal behavior profiling in cycbersecurity using machine learning to enable early detection of botnet activity in the network and facilitates the in-time remedial measures.
- Botnet detector offers a cutting-edge cyberdefense mechanism for diverse sectors, including finance, healthcare, retail, industrial, government and more.
- Need more machine learning, deep learning, NLP and Quantum Computing solutions. Reach out to us at Harman DTS.
Details
Delivery method
Latest version
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/host/hour |
|---|---|---|
ml.m5.large Inference (Batch) Recommended | Model inference on the ml.m5.large instance type, batch mode | $10.00 |
ml.t2.large Inference (Real-Time) Recommended | Model inference on the ml.t2.large instance type, real-time mode | $5.00 |
ml.m4.4xlarge Inference (Batch) | Model inference on the ml.m4.4xlarge instance type, batch mode | $10.00 |
ml.m5.4xlarge Inference (Batch) | Model inference on the ml.m5.4xlarge instance type, batch mode | $10.00 |
ml.m4.16xlarge Inference (Batch) | Model inference on the ml.m4.16xlarge instance type, batch mode | $10.00 |
ml.m5.2xlarge Inference (Batch) | Model inference on the ml.m5.2xlarge instance type, batch mode | $10.00 |
ml.p3.16xlarge Inference (Batch) | Model inference on the ml.p3.16xlarge instance type, batch mode | $10.00 |
ml.m4.2xlarge Inference (Batch) | Model inference on the ml.m4.2xlarge instance type, batch mode | $10.00 |
ml.c5.2xlarge Inference (Batch) | Model inference on the ml.c5.2xlarge instance type, batch mode | $10.00 |
ml.p3.2xlarge Inference (Batch) | Model inference on the ml.p3.2xlarge instance type, batch mode | $10.00 |
Vendor refund policy
We do not provide any usage related refunds at this time.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Amazon SageMaker model
An Amazon SageMaker model package is a pre-trained machine learning model ready to use without additional training. Use the model package to create a model on Amazon SageMaker for real-time inference or batch processing. Amazon SageMaker is a fully managed platform for building, training, and deploying machine learning models at scale.
Deploy the model on Amazon SageMaker AI using the following options:
Version release notes
Feature updates and bug fixes
Additional details
Inputs
- Summary
The solution accepts a json document which is a processed Wireshark pcap file generated from network monitoring.
- Input MIME type
- application/json
https://github.com/HDTS-user/lifeware-botnet-detector/blob/main/input/test.json
https://github.com/HDTS-user/lifeware-botnet-detector/blob/main/input/test.json
Input data descriptions
The following table describes supported input data fields for real-time inference and batch transform.
Field name | Description | Constraints | Required |
|---|---|---|---|
StartTime | Timestamp of the network data capture | Type: FreeText | Yes |
Dur | Duration of data capture | Type: Continuous
Minimum: 0 | Yes |
Proto | Network message protocols. | Type: Categorical
Allowed values: tcp, udp, rtp, arp, icmp, ipv6-icmp, ipx/spx, rtcp, pim, igmp, udt, ipv6, esp | Yes |
SrcAddr | IP address of the source of network traffic | Type: FreeText
Limitations: Needs to be in IP format | Yes |
Sport | Port number of source of network traffic | Type: Integer | Yes |
Dir | Direction of network traffic | Type: Categorical
Allowed values: ->, ?>, <->, <?>, who, <- | Yes |
DstAddr | IP address of the destination of network traffic | Type: FreeText
Limitations: Needs to be in IP format | Yes |
Dport | Port number of destination of network traffic | Type: Integer | Yes |
State | This represents the state of the transaction according to the protocol and has a total of 207 different unique values.
https://github.com/HDTS-user/lifeware-botnet-detector/blob/main/input_data_description | Type: Categorical
Allowed values: 207 unique values | Yes |
sTos | Source Type of Service field | Type: Categorical
Allowed values: 0, 1, 2, 3, 192, NaN | Yes |
Resources
Support
Vendor support
Business hours email support marketplaceSupp@harman.comÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Managed WAF cloud service to protect customers' web applications and data against cyberattacks; enable and maintain compliance, effective threat management, while lowering IT and business risks. Service is inclusive of the F5 web application firewall technology and F5 Silverline 24x7x365 global SOC.
Radware Bot Manager offers robust defense for web apps, mobile apps, and APIs against automated threats through layered defenses. It guards against various risks like account takeover, DDoS, web scraping, etc. The solution provides multiple mitigation choices, including the innovative Crypto Challenge, granting genuine users CAPTCHA-free access while thwarting bot assaults. It also secures native iOS/Android apps, ensuring swift protection against identity spoofing, tampering, and replay attacks, while blocking unauthorized access from emulators and modified systems.
This service is available in Singapore, Malaysia, Indonesia and Thailand.
With NTT's Application and API shield, you can protect your web applications and APIs deployed across multi-cloud and on-prem infrastructure with comprehensive and simple SaaS security solution. This is built using F5 Distributed Cloud Platform.
FortiNDR is Fortinet's Network Detection and Response technology. FortiNDR has extended and added features to detect Network Anomalies with auto and manual mitigation techniques
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.