Abstract
Cybercrime is threatening our lives more seriously. In particular, the botnet technology is leading most of cybercrime such as distribute denial of service attack, spamming, critical information disclosure. To cope with this problem, various security techniques have been proposed. Especially, DNS-Sinkhole is known as the most effective approach to detect botnet activities. It has various advantages such as low cost, easy establishment and high effect. However, botnet response is more difficult because botnet technology is constantly evolving. In particular, legacy sinkhole system has revealed a variety of limitations such as low accuracy and limited information. Therefore, additional research is required to overcome these limitations. In this paper, we propose an enhanced sinkhole system that utilizes DNS-Sinkhole. Especially, we focus on the improving of post-processing mechanism based on packet analysis.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ianelli, N., Hackworth, A.: Botnet as a vehicle for online crime. CERT. Request for Comments (RFC) 1700 (December 2005)
Bailey, M., Cooke, E., Jahanian, F., Xu, Y., Karir, M.: A Survey of Botnet Technology and Defenses. In: Proceedings of Cybersecurity Applications & Technology Conference For Homeland Security (CATCH), pp. 299–304 (2009)
Korea Internet & Security Agency, A Strategy and Policy Planning for DDoS Response, KISA homepage (2010)
Kim, Y.-B., Youm, H.-Y.: A New Bot Disinfection Method Based on DNS Sinkhole. Journal of KIISC 18(6A), 107–114 (2008)
Kim, Y.-B., Lee, D.-R., Choi, J.-S., Youm, H.-Y.: Preventing Botnet Damage Technique and It’s Effect using Bot DNS Sinkhole. Journal of KISS(C): Computing Practices 15(1), 47–55 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, HG., Choi, SS., Lee, YS., Park, HS. (2010). Enhanced Sinkhole System by Improving Post-processing Mechanism. In: Kim, Th., Lee, Yh., Kang, BH., Ślęzak, D. (eds) Future Generation Information Technology. FGIT 2010. Lecture Notes in Computer Science, vol 6485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17569-5_46
Download citation
DOI: https://doi.org/10.1007/978-3-642-17569-5_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17568-8
Online ISBN: 978-3-642-17569-5
eBook Packages: Computer ScienceComputer Science (R0)