BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
Source: Georgia Institute of Technology
Botnets are now the key platform for many Internet attacks, such as spam, Distributed Denial-of-Service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet Command and Control (C&C) protocols (e.g., IRC) and structures (e.g., centralized), and can become ineffective as botnets change their C&C techniques. This paper presents a general detection framework that is independent of botnet C&C protocol and structure, and requires no a priori knowledge of botnets (such as captured bot binaries and hence the botnet signatures, and C&C server names/addresses).
| Format: | |
| Size: | 229.60 |
| Date: | May 2008 |



