M. R. Rostami, M. Eslahi, Bharanidharan Shanmugam, Z. Ismail
{"title":"僵尸网络演化:网络流量指标","authors":"M. R. Rostami, M. Eslahi, Bharanidharan Shanmugam, Z. Ismail","doi":"10.1109/ISBAST.2014.7013134","DOIUrl":null,"url":null,"abstract":"In recent years, the HTTP has become dominant protocol among other protocols for the Internet services as it provides a set of rules to manage the data exchange between servers and browsers. On the other hand, this standard protocol has been widely used in the latest generation of botnets to establish their command and control channel and hide their malicious activities among normal Web traffic. Therefore, analyzing HTTP traffic has become a common method in current HTTP-based botnet detection studies. Since the HTTP botnets are a new phenomenon,they have not been fully explored yet. Therefore, in this paper we present an overview of the features and parameters that have been used in existing studies to detect HTTP botnets along with their shortcomings. We also propose a number of HTTP protocol characteristics that can be used for further botnet analysis and detection.","PeriodicalId":292333,"journal":{"name":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","volume":"115 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Botnet evolution: Network traffic indicators\",\"authors\":\"M. R. Rostami, M. Eslahi, Bharanidharan Shanmugam, Z. Ismail\",\"doi\":\"10.1109/ISBAST.2014.7013134\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, the HTTP has become dominant protocol among other protocols for the Internet services as it provides a set of rules to manage the data exchange between servers and browsers. On the other hand, this standard protocol has been widely used in the latest generation of botnets to establish their command and control channel and hide their malicious activities among normal Web traffic. Therefore, analyzing HTTP traffic has become a common method in current HTTP-based botnet detection studies. Since the HTTP botnets are a new phenomenon,they have not been fully explored yet. Therefore, in this paper we present an overview of the features and parameters that have been used in existing studies to detect HTTP botnets along with their shortcomings. We also propose a number of HTTP protocol characteristics that can be used for further botnet analysis and detection.\",\"PeriodicalId\":292333,\"journal\":{\"name\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"volume\":\"115 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Symposium on Biometrics and Security Technologies (ISBAST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISBAST.2014.7013134\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Symposium on Biometrics and Security Technologies (ISBAST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISBAST.2014.7013134","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
In recent years, the HTTP has become dominant protocol among other protocols for the Internet services as it provides a set of rules to manage the data exchange between servers and browsers. On the other hand, this standard protocol has been widely used in the latest generation of botnets to establish their command and control channel and hide their malicious activities among normal Web traffic. Therefore, analyzing HTTP traffic has become a common method in current HTTP-based botnet detection studies. Since the HTTP botnets are a new phenomenon,they have not been fully explored yet. Therefore, in this paper we present an overview of the features and parameters that have been used in existing studies to detect HTTP botnets along with their shortcomings. We also propose a number of HTTP protocol characteristics that can be used for further botnet analysis and detection.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
