{"title":"僵尸网络检测的IRC流量分析","authors":"Claudio Mazzariello","doi":"10.1109/IAS.2008.58","DOIUrl":null,"url":null,"abstract":"Networked hosts' vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated attacks. There are many ways to perform control on an army of possibly unaware infected hosts, and an example of such techniques is discussed in this paper. We will address the problem of detecting botnets, by introducing a network traffic analysis architecture, and describing a behavioral model, for a specific class of network users, capable of identifying botnet-related activities.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"50","resultStr":"{\"title\":\"IRC Traffic Analysis for Botnet Detection\",\"authors\":\"Claudio Mazzariello\",\"doi\":\"10.1109/IAS.2008.58\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Networked hosts' vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated attacks. There are many ways to perform control on an army of possibly unaware infected hosts, and an example of such techniques is discussed in this paper. We will address the problem of detecting botnets, by introducing a network traffic analysis architecture, and describing a behavioral model, for a specific class of network users, capable of identifying botnet-related activities.\",\"PeriodicalId\":103328,\"journal\":{\"name\":\"2008 The Fourth International Conference on Information Assurance and Security\",\"volume\":\"82 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"50\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 The Fourth International Conference on Information Assurance and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IAS.2008.58\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 The Fourth International Conference on Information Assurance and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAS.2008.58","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Networked hosts' vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated attacks. There are many ways to perform control on an army of possibly unaware infected hosts, and an example of such techniques is discussed in this paper. We will address the problem of detecting botnets, by introducing a network traffic analysis architecture, and describing a behavioral model, for a specific class of network users, capable of identifying botnet-related activities.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
