Research of Botnet Intrusion Detection Technology Based on the Flow

  • Conference paper
Informatics and Management Science IV

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 207))

  • 1186 Accesses

Abstract

In view of the increasing frequency of botnet attacks, this paper analyzes the double-stage propagation model of intelligent botnets and puts forward a botnet detection method based on the concept of a flow. For the first stage of propagation, the paper proposes a small-flow filtering method, which effectively reduces the number of flows that need in-depth detection. For the second stage of propagation, the paper adopts the idea of flow call-back: when botnet attacks cause network congestion, each suspicious IP is checked at the terminal router, which ensures that botnets are detected in real time.

Author information

Corresponding author

Correspondence to Ling Jia.

Copyright information

© 2013 Springer-Verlag London

About this paper

Cite this paper

Jia, L. (2013). Research of Botnet Intrusion Detection Technology Based on the Flow. In: Du, W. (eds) Informatics and Management Science IV. Lecture Notes in Electrical Engineering, vol 207. Springer, London. https://doi.org/10.1007/978-1-4471-4793-0_1

  • DOI: https://doi.org/10.1007/978-1-4471-4793-0_1

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-4792-3

  • Online ISBN: 978-1-4471-4793-0

  • eBook Packages: Engineering, Engineering (R0)
