A study on botnet detection techniques

From Botnets.fr


A study on botnet detection techniques
Date 2012 / 2012-04
Editor/Conference International Journal of Scientific and Research Publications
Link http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf (Archive copy)
Author Haritha.S. Nair, Vinodh Ewards S E

Abstract

A botnet is a network of compromised computers, termed bots that are used for malicious purposes. When a computer becomes compromised typically through a drive-by download, that has embedded malicious software, that computer becomes a part of a botnet. A bot typically runs hidden and uses a covert channel to communicate with its command and control server. Botnets are controlled through protocols such as IRC and HTTP and in protocol-conforming manners. This makes the detection of botnet command and control a challenging problem. In this paper we discuss some of the botnet detection techniques and compare their advantages, disadvantages and features used in each technique.

Bibtex

 @misc{Nair2012BFR1155,
   editor = {International Journal of Scientific and Research Publications},
   author = {Haritha.S. Nair and Vinodh Ewards S E},
   title = {A study on botnet detection techniques},
   date = {01},
   month = Apr,
   year = {2012},
   howpublished = {\url{http://www.ijsrp.org/research_paper_apr2012/ijsrp-apr-2012-113.pdf}},
 }