Firewall based botnet detection

Authors: Michael J. Suzio, John D. Kuhn, Gary I. Givental, II Daniel E. Chapman

Abstract: A computer detects malicious intrusions (or bots) into a computer. The computer receives firewall log data that includes communication records containing the source and destination of the communication, as well as the time of the communication. The source or destination may be on a list of suspicious servers known to contain malicious software. The computer identifies a sequence of communications between a common source address and a common destination address. The computer further identifies substantially fixed intervals between the communications and generates an alert indicating a suspected bot intrusion. also from patterns in intervals, similarly generating
