A study on botnet detection techniques

From Botnets.fr


Date 2012 / 2012-04
Editor/Conference International Journal of Scientific and Research Publications
Link http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf (Archive copy)
Author Haritha.S. Nair, Vinodh Ewards S E

Abstract

A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in each technique.

Bibtex

 @misc{2012BFR1155,
   editor = {International Journal of Scientific and Research Publications},
   author = {Haritha.S. Nair and Vinodh Ewards S E},
   title = {A study on botnet detection techniques},
   date = {01},
   month = Apr,
   year = {2012},
   howpublished = {\url{http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf}},
 }