Bonfring International Journal of Research in Communication Engineering
Online ISSN: 2277-5080 | Print ISSN: 2250-110X | Frequency: 4 Issues/Year
Impact Factor: 0.528 | International Scientific Indexing(ISI) calculate based on International Citation Report(ICR)
Towards Realization of Large-Scale Botnet Probing Events
Abstract:
Today's attack scenery is governed by Botnets. Botnet refer to a group of bots-a sort of malware which allows an attacker to achieve complete control over the affected computer. Botnets are often run by malicious programmers with specific skills while advanced attackers manage the control channel. This work is to understand the consequence of large-scale "botnet probes" through investigating the ways to analyze collections of malicious probing traffic .In such events, a whole collection of remote hosts together probes the address space monitored by a sensor in somewhat a synchronized fashion. Our goal is to extend methodologies by which sites receiving such probes can understand using purely local surveillance i.e., information about the probing activity regarding scanning strategies the probing employ and whether the attack specifically targets the site, or the site just accidentally probed as part of a larger, unselective attack? Our analysis draws upon comprehensive honeynet data to discover the occurrence of diverse types of scanning, with properties such as trend, uniformity, coordination, and darknet avoidance. Cross-evaluating with data from DShield assures that our approach holds for contributing to a site's "situational awareness" accurately
Keywords: Botnet, Computer Network Security, Global Property Extrapolation, Honeynet
Volume: 1 | Issue: Inaugural Special Issue
Pages: 22-25
Issue Date: December , 2011
DOI: 10.9756/BIJRCE.1005
 |
|