Detection and Prevention of Botnets and Malware in an Enterprise Network
One of the most significant threats faced by enterprise networks today is from Bots. A Bot is a program that operates as an agent for a user and runs automated tasks over the internet at a much higher rate than would be possible for a human alone. A collection of Bots in a network, used for malicious purposes, is referred to as a Botnet. Bot attacks can range from localized attacks like key-logging to network-intensive attacks like Distributed Denial of Service (DDoS). In this paper, the authors suggest a novel approach that can detect and combat Bots. The proposed solution adopts a two-pronged strategy, which they have classified into the standalone algorithm and the network algorithm.