Botnets are now the key platform for many Internet attacks, such as spam, Distributed Denial-of-Service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet Command and Control (C&C) protocols (e.g., IRC) and structures (e.g., centralized), and can become ineffective as botnets change their C&C techniques. This paper presents a general detection framework that is independent of botnet C&C protocol and structure, and requires no a priori knowledge of botnets (such as captured bot binaries and hence the botnet signatures, and C&C server names/addresses).
- Format: PDF
- Size: 229.6 KB