Detecting Bots inside a Host using Network Behavior Analysis
نویسندگان
چکیده
منابع مشابه
Detecting bots using multi- level traffic analysis
Botnets, as networks of compromised “zombie” computers, represent one of the most serious security threats on the Internet today. This paper explores how machines compromised with bot malware can be identified at local and enterprise networks in accurate and time-efficient manner. The paper introduces a novel multi-level botnet detection approach that performs network traffic analysis of three ...
متن کاملMining the Network Behavior of Bots
A botnet is a network of compromised hosts that fulfills the malicious intents of an attacker. Once installed, a bot is typically used to steal sensitive information, send SPAM, perform DDoS attacks, and other illegal activities. Research in botnet detection has been quite prolific in the past years, producing detection mechanisms that focus on specific command and control structures, or on the...
متن کاملBotDigger: Detecting DGA Bots in a Single Network
To improve the resiliency of communication between bots and C&C servers, bot masters began utilizing Domain Generation Algorithms (DGA) in recent years. Many systems have been introduced to detect DGA-based botnets. However, they suffer from several limitations, such as requiring DNS traffic collected across many networks, the presence of multiple bots from the same botnet, and so forth. These ...
متن کاملDetecting frauds using customer behavior trend analysis and known scenarios
In this paper a fraud detection method is proposed which user behaviors are modeled using two main components namely the un-normal trend analysis component and scenario based component. The extent of deviation of a transaction from his/her normal behavior is estimated using fuzzy membership functions. The results of applying all membership functions on a transaction will then be infused and a f...
متن کاملCharacterizing Bots' Remote Control Behavior
A botnet is a collection of bots, each generally running on a compromised system and responding to commands over a “commandand-control” overlay network. We investigate observable differences in the behavior of bots and benign programs, focusing on the way that bots respond to data received over the network. Our experimental platform monitors execution of an arbitrary Win32 binary, considering d...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Computer Applications
سال: 2018
ISSN: 0975-8887
DOI: 10.5120/ijca2018917241