By Topic

Fast Deployment of Botnet Detection with Traffic Monitoring

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Chung-Huang Yang ; Nat. Kaohsiung Normal Univ., Taiwan ; Kuang-Li Ting

With the Internet crime growing, such as phishing, money mules, personal data stealing and trafficking, DDoS (Distributed Denial of Service), and other cases often heard by people from time to time. DDoS mostly uses botnet as source of attack, and distributes trojans and worms to infect hosts. Infected hosts become bots, and could be controlled by the botmaster. Botmaster uses command and control server to control bots. Because botmaster servers use dynamic types and encryption methods to communicate with bots, it's difficult to detect bots. In this research, we designed and developed a system to detect bot-like traffic and deny traffic of who looks like bots. We revised the NTOP program and integrated it with self developed perl programs. Our system will monitor the network layer and transport layer on network activities and send email/SMS to the network administrator to block suspicious botnet.

Published in:

Intelligent Information Hiding and Multimedia Signal Processing, 2009. IIH-MSP '09. Fifth International Conference on

Date of Conference:

12-14 Sept. 2009