Abstract
In view of the increasing frequency of botnet attacks, this paper analyzes the double-stage propagation model of intelligent botnets and puts forward a botnet detection method. The method adopts the concept of flow. For the first stage of propagation, the paper proposes a small-flow filtering method that effectively reduces the number of flows that need deep detection. For the second stage of propagation, the paper adopts the idea of flow call-back and detects each suspicious IP at the terminal router when botnet attacks cause network congestion, thereby ensuring that botnets are detected in real time.
Copyright information
© 2013 Springer-Verlag London
About this paper
Cite this paper
Jia, L. (2013). Research of Botnet Intrusion Detection Technology Based on the Flow. In: Du, W. (eds) Informatics and Management Science IV. Lecture Notes in Electrical Engineering, vol 207. Springer, London. https://doi.org/10.1007/978-1-4471-4793-0_1
DOI: https://doi.org/10.1007/978-1-4471-4793-0_1
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4792-3
Online ISBN: 978-1-4471-4793-0
eBook Packages: Engineering, Engineering (R0)