A Taxonomy of Botnet Detection Techniques
Among the diverse forms of malware, the Botnet is the most widespread and serious threat, and it occurs commonly in today's cyber attacks. Botnets are collections of compromised computers that are remotely controlled by their originator (the BotMaster) under a common Command-and-Control (C&C) infrastructure. They provide a distributed platform for several illegal activities, such as launching distributed denial of service (DDoS) attacks against critical targets, malware distribution, phishing, and click fraud. Most existing Botnet detection approaches concentrate only on particular Botnet command and control (C&C) protocols (e.g., IRC, HTTP) and structures (e.g., centralized), and can become ineffective as Botnets change their structure and C&C techniques. The detection of Botnets has been a major research topic in recent years, and different techniques and approaches have been proposed for detecting and tracking them. This survey classifies Botnet detection techniques into two approaches. One approach is based on setting up honeynets; the other is based on Intrusion Detection Systems (IDS), which are categorized into signature-based and anomaly-based detection techniques.
Botnet hot P2P patterns malicious activities
Hossein Rouhani Zeidanloo Mohammad Jorjor Zadeh M.Safari Mazdak Zamani
shooshtari, Payam Vahdani Amoli Faculty of Computer Science and Information System University of Tec Industrial Engineering Department AmirKabir University of Technology Tehran, Iran
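International conference
Chengdu
English
158-162
2010-07-07 (date first posted online on the Wanfang platform; does not represent the paper's publication date)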