Abstract | ||
---|---|---|
A botnet is an attack network composed of hundreds of millions of compromised computers. Botnets are emerging as the most serious threat to cyber-security and are used to launch Distributed Denial of Service (DDoS) attacks, malware dissemination, phishing, remote control, click fraud, etc. Although botnets have posed a serious security threat on the Internet, research on detecting and preventing botnets is still in its infancy. One effective technique for botnet detection is to identify botnet C&C traffic. In this paper, we present a case study of IRC-based botnet C&C communication and then present a novel method to detect botnet C&C communications. We develop quantitative ways to assess the C&C communications between the bot and the C&C server; furthermore, we also illustrate correlation methods within the same botnet's C&C communications to decrease the false positive rate. |

Year | DOI | Venue |
---|---|---|
2012 | 10.1007/978-3-642-34038-3_79 | Communications in Computer and Information Science |

Keywords | Field | DocType |
---|---|---|
Bot, Botnet, Computer Security | False positive rate, Phishing, Denial-of-service attack, Command and control, Botnet, Computer security, Computer science, Computer network, Click fraud, Malware, The Internet | Conference |

Volume | ISSN | Citations |
---|---|---|
307 | 1865-0929 | 0 |

PageRank | References | Authors |
---|---|---|
0.34 | 12 | 5 |

Name | Order | Citations | PageRank |
---|---|---|---|
Jinquan Zeng | 1 | 40 | 5.62 |
Weiwen Tang | 2 | 11 | 2.29 |
Caiming Liu | 3 | 55 | 10.20 |
Jianbin Hu | 4 | 179 | 22.43 |
Lingxi Peng | 5 | 161 | 17.95 |