The Research on Approaches for Botnet Detection
With the rapid development of botnet, the Internet has been facing the growing and disastrous threats. These threats can disable the infrastructure and cause the financial damages, which leads to a severe challenge for the global network security. In order to defense and counter the botnet, the detection is absolutely the basis. Therefore, the research on botnet detection has recently become a hot topic in the field of network security. After analyzing the proposed detection techniques, the authors present the basic process of botnet detection, and make classification for these techniques. Further more, according to the different stages of the life cycle of botnet, i.e., propagation, infection, communication and attack, they go into detail about main idea, detection process, merits and shortcomings of the existing techniques. Then, they summarize the approaches and the corresponding algorithms used in the detection techniques, propose the evaluation indices in the six dimensions of source, scope, rea l-time, accuracy, applicability and flexibility, and compare the representative techniques based on these indices. Later, they discuss the key issues of botnet detection in the fields of multi-source information collection and fusion, essential feature extraction, detection of communication and behavior, correlation analysis and detection architecture. Finally, future research trends are reviewed.
Botnet DetectionSystem AbnormalTraffic Background Knowledge
ZHANG Wen Fang Chen Jin
Architecture and Urban Planning School, Hunan City University Hunan City University Yiyang, P.R .Chi Economic Management Department YiYang Vocational College Yiyang, P.R .China
国际会议
海口
英文
392-395
2011-07-15(万方平台首次上网日期,不代表论文的发表时间)