A Collaborative Approach to Botnet Protection

Authors

  • Matija Stevanovic
  • Kasper Revsbech
  • Jens Myrup Pedersen
  • Robin Sharp
  • Christian Damsgaard Jensen

Abstract

Botnets are collections of compromised computers which have come under the control of a malicious person or organisation via malicious software stored on the computers, and which can then be used to interfere with, misuse, or deny access to a wide range of Internet-based services. With the current trend towards increasing use of the Internet to support activities related to banking, commerce, healthcare and public administration, it is vital to be able to detect and neutralise botnets, so that these activities can continue unhindered. In this paper we present an overview of existing botnet detection techniques and argue why a new, composite detection approach is needed to provide efficient and effective neutralisation of botnets. This approach should combine existing detection efforts into a collaborative botnet protection framework that receives input from a range of different sources, such as packet sniffers, on-access anti-virus software and behavioural analysis of network traffic, computer sub-systems and application programs. Finally, we introduce ContraBot, a collaborative botnet detection framework which combines approaches that analyse network traffic to identify patterns of botnet activity with approaches that analyse software to detect items which are capable of behaving maliciously.

Similar resources

BotRevealer: Behavioral Detection of Botnets based on Botnet Life-cycle

Nowadays, botnets are considered as essential tools for planning serious cyberattacks. Botnets are used to perform various malicious activities such as DDoS attacks and sending spam emails. Different approaches are presented to detect botnets; however most of them may be ineffective when there are only a few infected hosts in monitored network, as they rely on similarity in...

Building an Anti-Botnet Platform to Mitigate Botnet

In recent years, with the rapid growth of the Internet applications and services, botnet becomes one of the most severe threats on the Internet. Because the botnets can be automatically evolved as different localized versions in a short period of time, how to find an effective and efficient approach to detect and notify the Botnet attack becomes an important and interesting issue. To cope with ...

The Case for a Collaborative Universal Peer-to-Peer Botnet Investigation Framework

Peer to Peer (P2P) botnets are becoming widely used as a low overhead, efficient, self maintaining, distributed alternative to the traditional client/server model across a broad range of cyberattacks. These cyberattacks can take the form of distributed denial of service attacks, authentication cracking, spamming, cyberwarfare or malware distribution targeting on financial systems. These attacks...

Experiments With Simulation Of Botnets And Defense Agent Teams

Botnets allow malefactors to manage millions of infected computers simultaneously and provide large-scale successful attacks. The paper suggests an approach for multi-agent simulation of botnets and botnet protection mechanisms. The main contribution of the paper is an improved simulation environment for agent based simulation of botnets and experimentation with this environment for analysis of di...

A Robust Modeling Of Inventory Routing In Collaborative Reverse Supply Chains

This paper proposes a robust model for optimizing collaborative reverse supply chains. The primary idea is to develop a collaborative framework that can achieve the best solutions in the uncertain environment. Firstly, we model the exact problem in the form of a mixed integer nonlinear programming. To regard uncertainty, the robust optimization is employed that searches for an optimum answer wi...

Publication date: 2012