Difference between revisions of "A study on botnet detection techniques"
Jump to navigation
Jump to search
m (1 revision imported) |
|||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Link=http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf | |Year=2012 | ||
|Link=http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf | |||
|Author=Haritha.S. Nair, Vinodh Ewards S E | |Author=Haritha.S. Nair, Vinodh Ewards S E | ||
|Abstract=A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses | |||
a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in | |||
each technique. | |||
|NomRevue=International Journal of Scientific and Research Publications | |NomRevue=International Journal of Scientific and Research Publications | ||
|ISBN=2250-3153 | |ISBN=2250-3153 | ||
}} | }} |
Revision as of 21:32, 5 August 2015
(Publication) Google search: [1]
A study on botnet detection techniques | |
---|---|
Botnet | |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / |
Editor/Conference | |
Link | http://www.ijsrp.org/research paper apr2012/ijsrp-apr-2012-113.pdf (Archive copy) |
Author | Haritha.S. Nair, Vinodh Ewards S E |
Type |
Abstract
“ A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses
a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in each technique.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1155, editor = {}, author = {Haritha.S. Nair, Vinodh Ewards S E}, title = {A study on botnet detection techniques}, date = {27}, month = Apr, year = {2012}, howpublished = {\url{http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf}}, }