A collaborative approach to botnet protection

Matija Stevanovic, Kasper Revsbech, Jens Myrup Pedersen, Robin Sharp, Christian Damsgaard Jensen

Publikation: Bidrag til bog/antologi/rapport/konference proceedingKonferenceartikel i proceedingForskningpeer review

9 Citationer (Scopus)

Abstrakt

Botnets are collections of compromised computers which have come under the control of a malicious person or organisation via malicious software stored on the computers, and which can then be used to interfere with, misuse, or deny access to a wide range of Internet-based services. With the current trend towards increasing use of the Internet to support activities related to banking, commerce, healthcare and public administration, it is vital to be able to detect and neutralise botnets, so that these activities can continue unhindered. In this paper we present an overview of existing botnet detection techniques and argue why a new, composite detection approach is needed to provide efficient and effective neutralisation of botnets. This approach should combine existing detection efforts into a collaborative botnet protection framework that receives input from a range of different sources, such as packet sniffers, on-access anti-virus software and behavioural analysis of network traffic, computer sub-systems and application programs. Finally, we introduce ContraBot, a collaborative botnet detection framework which combines approaches that analyse network traffic to identify patterns of botnet activity with approaches that analyse software to detect items which are capable of behaving maliciously. © 2012 IFIP International Federation for Information Processing.
OriginalsprogEngelsk
TitelMultidisciplinary Research and Practice for Information Systems : IFIP WG 8.4, 8.9/TC 5 International Cross-Domain Conference and Workshop on Availability, Reliability, and Security, CD-ARES 2012, Prague, Czech Republic, August 20-24, 2012. Proceedings
Antal sider15
Vol/bind7465
ForlagSpringer
Publikationsdato20 aug. 2012
Sider624-638
ISBN (Trykt)978-3-642-32497-0
ISBN (Elektronisk)978-3-642-32498-7
DOI
StatusUdgivet - 20 aug. 2012
BegivenhedInternational Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES 2012 - Prague, Tjekkiet
Varighed: 20 aug. 201224 aug. 2012

Konference

KonferenceInternational Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES 2012
LandTjekkiet
ByPrague
Periode20/08/201224/08/2012
NavnLecture Notes in Computer Science
ISSN0302-9743

Fingeraftryk Dyk ned i forskningsemnerne om 'A collaborative approach to botnet protection'. Sammen danner de et unikt fingeraftryk.

Citationsformater