Advanced Methods for Botnet Intrusion Detection Systems

Authors: Son T., Mohammed S.

DOI: 10.5772/15401

Keywords: The Internet, Credit card, Phishing, Denial-of-service attack, Bot herder, Botnet, Intrusion detection system, Computer security, Login, Computer science

Abstract: Today, our dependence on the internet has grown manifold. So need to protect vast personal information accessible via web interfaces such as online passwords, corporate secrets, banking accounts, and social networking accounts like Facebook. The appearance of botnets in scene over last decade, their ever changing behavior caused real challenges that cannot be easily remedied. According literature, a botnet is defined set infected hosts (also called bots or zombies) run autonomously automatically, controlled by botmaster (bot herder) who can co-ordinate his/her malicious intentions using bots. Some prominent tasks credited include DDoS (Distributed denial-of-service), spam, phishing, ransomwares identity theft. In attack, command all its attack particular server (example: update.microsoft.com) at date, time for duration anonymous proxy used stepping-stone hide actual commanding node. spam campaign, nodes form bot network are responsible sending behaving relay points, delivering mails list intended victim email addresses selected botmaster. For example: node which part could sent day with payload mailed. These messages advertise pharmaceutical products may also deliver further infection executables links attachments recruit more bots, done Storm Waledac. phishing scam, acting proxies servers hoax site content benign users gather e-banking credit card credentials. example, sites host looks requesting login details credentials when entered user, access legitimate sites. Eventually funds transferred leave no trails (Nazario & Holz, 2008). Botnets have been known infect 2 million while Conficker 9 according some estimates. As seen, far reaching effects masters threat. This chapter will cover concise survey detection systems well provide novel mobile-agent based method adapted from intrusion systems, handling botnets. We necessary background needed understand offensive techniques utilized botnets; defensive

References (66)
David Dagon, Cliff Changchun Zou, Wenke Lee. Modeling Botnet Propagation Using Time Zones. Network and Distributed System Security Symposium (2006).
Wayne Jansen, Tom Karygiannis. Mobile Agent Security. National Institute of Standards and Technology (U.S.) (1999). DOI: 10.6028/NIST.SP.800-19
Tal Garfinkel, Keith Adams, Jason Franklin, Andrew Warfield. Compatibility is not transparency: VMM detection myths and realities. HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems, pp. 6- (2007).
Zhenkai Liang, Juan Caballero, Dawn Song, David Brumley, James Newsome. Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation. USENIX Security Symposium, pp. 15- (2007).
J. Aslam, D. Kotz, D. Rus, M. Cremonini. Using mobile agents for analyzing intrusion in computer networks. European Conference on Object-Oriented Programming (2001).
Alex Brodsky, Dmitry Brodsky. A distributed content independent method for spam detection. Conference on Workshop on Hot Topics in Understanding Botnets, pp. 3-3 (2007).
Neil Daswani, Michael Stoppelman. The anatomy of Clickbot.A. Conference on Workshop on Hot Topics in Understanding Botnets, pp. 11-11 (2007).
Paul Barford, Mike Blodgett. Toward botnet mesocosms. Conference on Workshop on Hot Topics in Understanding Botnets, pp. 6-6 (2007).
David Dagon, Chris Nunnery, Vikram Sharma, Brent ByungHoon Kang, Julian B. Grizzard. Peer-to-peer botnets: overview and case study. Conference on Workshop on Hot Topics in Understanding Botnets, pp. 1-1 (2007).