基于DNS和统计方法的高效恶意节点检测

2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI) Pub Date : 2012-06-01 DOI:10.1109/SAMI.2012.6208963

P. Marko, P. Vilhan

{"title":"基于DNS和统计方法的高效恶意节点检测","authors":"P. Marko, P. Vilhan","doi":"10.1109/SAMI.2012.6208963","DOIUrl":null,"url":null,"abstract":"The power and flexibility of botnets is rising together with increasing the computational power of personal computers and growing network bandwidth. This implies extreme demands on ISP's security resources in contrast to minimizing the delay and maximizing the throughput of the network. The main contribution of our approach is ability to detect botnet's nodes in LAN using resource friendly solution. This brings high efficiency into the dealing with malicious host's activity. The proposed solution can be transparently integrated into existing security infrastructure even on legacy hardware.","PeriodicalId":158731,"journal":{"name":"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Efficient detection of malicious nodes based on DNS and statistical methods\",\"authors\":\"P. Marko, P. Vilhan\",\"doi\":\"10.1109/SAMI.2012.6208963\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The power and flexibility of botnets is rising together with increasing the computational power of personal computers and growing network bandwidth. This implies extreme demands on ISP's security resources in contrast to minimizing the delay and maximizing the throughput of the network. The main contribution of our approach is ability to detect botnet's nodes in LAN using resource friendly solution. This brings high efficiency into the dealing with malicious host's activity. The proposed solution can be transparently integrated into existing security infrastructure even on legacy hardware.\",\"PeriodicalId\":158731,\"journal\":{\"name\":\"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAMI.2012.6208963\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAMI.2012.6208963","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

随着个人计算机计算能力的提高和网络带宽的增长，僵尸网络的能力和灵活性也在不断提高。这对ISP的安全资源提出了极高的要求，而不是最小化延迟和最大化网络吞吐量。该方法的主要贡献是能够使用资源友好的解决方案检测局域网中的僵尸网络节点。这提高了处理恶意主机活动的效率。建议的解决方案可以透明地集成到现有的安全基础设施中，甚至在遗留硬件上也是如此。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Efficient detection of malicious nodes based on DNS and statistical methods

The power and flexibility of botnets is rising together with increasing the computational power of personal computers and growing network bandwidth. This implies extreme demands on ISP's security resources in contrast to minimizing the delay and maximizing the throughput of the network. The main contribution of our approach is ability to detect botnet's nodes in LAN using resource friendly solution. This brings high efficiency into the dealing with malicious host's activity. The proposed solution can be transparently integrated into existing security infrastructure even on legacy hardware.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 IEEE 10th International Symposium on Applied Machine Intelligence and Informatics (SAMI)

自引率

0.00%

发文量