A study on botnet detection techniques

From Botnets.fr
Revision as of 15:28, 7 February 2015 by Eric.freyssinet (talk | contribs) (1 revision imported)

Date 2012 / Volume 2, Issue 4
Link http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf (www.ijsrp.org)
Author Haritha.S. Nair, Vinodh Ewards S E

Abstract

A botnet is a network of compromised computers, termed bots, that are used for malicious purposes. When a computer becomes compromised, typically through a drive-by download that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in each technique.

Bibtex

 @misc{2012BFR1155,
   editor = {},
   author = {Haritha.S. Nair and Vinodh Ewards S E},
   title = {A study on botnet detection techniques},
   year = {2012},
   howpublished = {\url{http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf}},
 }