A Holistic Botnet Detection Framework Independent of Botnet Protocols and Architecture
Authors
Abstract
The fast growth of the Internet has brought some security concerns, one of which is the botnet. Bots and botnets are a new, sophisticated kind of malware that is equipped with advanced features and has a variety of applications. This paper reviews the current botnet detection frameworks and their advantages and drawbacks. To address the drawbacks, we propose a conceptual holistic Botnet Detection Framework that is free of limitations regarding specific botnet protocols and architecture.
Keywords: Bot; Botnet; Botnet detection framework; network traffic.
Similar resources
BotOnus: an online unsupervised method for Botnet detection
Botnets are recognized as one of the most dangerous threats to the Internet infrastructure. They are used for malicious activities such as launching distributed denial of service attacks, sending spam, and leaking personal information. Existing botnet detection methods produce a number of good ideas, but they are far from complete yet, since most of them cannot detect botnets in an early stage ...
Botnet Detection by Monitoring Similar Communication Patterns
Botnet is most widespread and occurs commonly in today's cyber attacks, resulting in serious threats to our network assets and organization's properties. Botnets are collections of compromised computers (Bots) which are remotely controlled by their originator (BotMaster) under a common Command-and-Control (C&C) infrastructure. They are used to distribute commands to the Bots for malicious activiti...
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
Botnets are now the key platform for many Internet attacks, such as spam, distributed denial-of-service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet command and control (C&C) protocols (e.g., IRC) and structures (e.g., centralized), and can become ineffective as botnets change their C&C techniques. In this paper, we present a...
BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle
Nowadays, botnets are considered essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches have been presented to detect botnets; however, most of them may be ineffective when there are only a few infected hosts in the monitored network, as they rely on similarity in...
Botnet Detection Framework
A botnet is a collection or network of bots, i.e., the collection of zombie computers which are controlled by a single person or group known as the bot master or herder. This paper focuses on botnet detection frameworks and proposes a generic framework for botnet detection. The proposed framework is based on the approach of passively monitoring network traffic. This paper also shows the flow chart of Gene...