Detection of web based command & control channels
作者: Martin Warmer
DOI:
关键词:
摘要: Recent malware allows criminals to remotely control computers using Command & Control (C&C) channels. These channels are used perform criminal activities infected computers. activities pose a threat both the user of the computer and other users on network. This can be mitigated by detecting C&C network. In this thesis we attempt improve detection capabilities for web based C&C We provide survey current channel techniques and study behaviour based Based these results, propose three new techniques HTTP HTTPS based channels.We evaluate these an overview of their capabilities.
utwente.nl参考文章(37)
Jan Goebel, Thorsten Holz, Rishi: identify bot contaminated hosts by IRC nickname evaluation conference on workshop on hot topics in understanding botnets. pp. 8- 8 ,(2007)
Roberto Perdisci, David Dagon, Manos Antonakakis, Nick Feamster, Wenke Lee, Building a dynamic reputation system for DNS usenix security symposium. pp. 18- 18 ,(2010)
Vinod Yegneswaran, Guofei Gu, Wenke Lee, Martin Fong, Phillip Porras, BotHunter: detecting malware infection through IDS-driven dialog correlation usenix security symposium. pp. 12- ,(2007)
Curtis S. McCarthy, An Investigation on Detecting Applications Hidden in SSL Streams using Machine Learning Techniques ,(2010)
Suresh Singh, James R. Binkley, An algorithm for anomaly-based botnet detection conference on steps to reducing unwanted traffic on internet. pp. 7- 7 ,(2006)
Frederic Giroire, Jaideep Chandrashekar, Nina Taft, Eve Schooler, Dina Papagiannaki, Exploiting Temporal Persistence to Detect Covert Botnet Channels recent advances in intrusion detection. pp. 326- 345 ,(2009) , 10.1007/978-3-642-04342-0_17
Ching-Hsiang Hsu, Chun-Ying Huang, Kuan-Ta Chen, Fast-flux bot detection in real time recent advances in intrusion detection. pp. 464- 483 ,(2010) , 10.1007/978-3-642-15512-3_24
Satoshi Kondo, Naoshi Sato, Botnet Traffic Detection Techniques by C&C Session Classification Using SVM Advances in Information and Computer Security. pp. 91- 104 ,(2007) , 10.1007/978-3-540-75651-4_7
Brian Rexroad, Anestis Karasaridis, David Hoeflin, Wide-scale botnet detection and characterization conference on workshop on hot topics in understanding botnets. pp. 7- 7 ,(2007)
Huijun Xiong, Prateek Malhotra, Deian Stefan, Chehai Wu, Danfeng Yao, User-Assisted Host-Based Detection of Outbound Malware Traffic Information and Communications Security. pp. 293- 307 ,(2009) , 10.1007/978-3-642-11145-7_23