A Proposed Framework for P2P Botnet Detection

Botnet is most widespread and occurs commonly in today's cyber attacks, resulting in serious threats to the users' network assets and organization's properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by its originator (BotMaster) under a common Command-and-Control (C&C) infrastructure. They are used to distribute commands to bots for malicious activities such as Distributed Denial-of-Service (DDoS) attacks, spam and phishing. Most of the existing botnet detection approaches concentrate only on particular botnet Command and Control (C&C) protocols (e.g., IRC,HTTP) and structures (e.g., centralized), and can become ineffective as botnets change their structure and C&C techniques.

Provided by: International Journal of Engineering and Technology Topic: Security Date Added: Apr 2010 Format: PDF

Find By Topic