By Topic

Flow Based Botnet Detection

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Hsiao-Chung Lin ; Dept. of Inf. Manage., Nat. Sun Yet-sen Univ., Kaohsiung, Taiwan ; Chia-Mei Chen ; Jui-Yu Tzeng

Botnet is a collection of computer hosts exploited by malicious software that is remotely controlled through a command and control channel. More new types of attacks invented based on Botnets. Because of usage of legitimate IRC (Internet Relay Chat) servers to command and control the bots, it is hard to detect and remove Botnets. Flow information may keep the fingerprint of bots and can be used to identify IRC-based Botnets. The proposed method applies flow correlation for grouping the same activities of the same IRC-based bots. After flow correlation, the normal IRC and abnormal IRC traces are identified by scoring technique.

Published in:

Innovative Computing, Information and Control (ICICIC), 2009 Fourth International Conference on

Date of Conference:

7-9 Dec. 2009