
Issues of Bot Network Detection and Protection

Conference paper in: Cognitive Informatics and Soft Computing

Abstract

This paper surveys the various aspects of botnet detection. It focuses on the different methods available for detecting the bots, the command-and-control (C&C) channel and the botherder. It also elaborates on the botnet protection methods that system users can apply to protect their systems both before and after a bot infection.



Corresponding author

Correspondence to Surjya Prasad Majhi.


Copyright information

© 2020 Springer Nature Singapore Pte Ltd.


Cite this paper

Majhi, S.P., Swain, S.K., Pattnaik, P.K. (2020). Issues of Bot Network Detection and Protection. In: Mallick, P., Balas, V., Bhoi, A., Chae, GS. (eds) Cognitive Informatics and Soft Computing. Advances in Intelligent Systems and Computing, vol 1040. Springer, Singapore. https://doi.org/10.1007/978-981-15-1451-7_34
