Difference between revisions of "A study on botnet detection techniques"

From Botnets.fr
m (1 revision imported)
Line 1: Line 1:
{{Publication
{{Publication
|Link=http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf www.ijsrp.org
|Year=2012
|Link=http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf
|Author=Haritha.S. Nair, Vinodh Ewards S E
|Author=Haritha.S. Nair, Vinodh Ewards S E
|Abstract=A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses
a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in
each technique.
|NomRevue=International Journal of Scientific and Research Publications
|NomRevue=International Journal of Scientific and Research Publications
|Date=Volume 2, Issue 4
|Year=2012
|ISBN=2250-3153
|ISBN=2250-3153
|Abstract=A botnet is a network of compromised computers,
termed bots that are used for malicious purposes. When a
computer becomes compromised typically through a drive-by
download, that has embedded malicious software, that computer
becomes a part of a botnet. A bot typically runs hidden and uses
a covert channel to communicate with its command and control
server. Botnets are controlled through protocols such as IRC and
HTTP and in protocol-conforming manners. This makes the
detection of botnet command and control a challenging problem.
In this paper we discuss some of the botnet detection techniques
and compare their advantages, disadvantages and features used in
each technique.
}}
}}
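Review bot: `|ISBN=2250-3153` holds an eight-digit value in ISSN form, and the entry is a journal article (`|NomRevue=International Journal of Scientific and Research Publications`), so it belongs in an ISSN field if the Publication template offers one. `|Date=Volume 2, Issue 4` likewise stores a volume and issue rather than a date, and the `|Link=` value that ends in ` www.ijsrp.org` mixes a URL with a label; keeping the bare URL there avoids a malformed link in the rendered record.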

Revision as of 21:32, 5 August 2015


A study on botnet detection techniques

Date: 2012
Link: http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf
Author: Haritha.S. Nair, Vinodh Ewards S E

Abstract

A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in each technique.

Bibtex

 @misc{2012BFR1155,
   editor = {},
   author = {Haritha.S. Nair and Vinodh Ewards S E},
   title = {A study on botnet detection techniques},
   date = {27},
   month = Apr,
   year = {2012},
   howpublished = {\url{http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf}},
 }