Abstract
This paper illustrates the botnet problem, its impact and the need for security measures. By reviewing the existing literature on botnet detection solutions, the paper shows the important role an ISP can take to better safeguard users while reducing the spread of the botnet phenomenon. The malware detection and prevention platform that Telecom Italia has defined is described. The aim is to minimize the potential harm that bots can inflict upon Internet infrastructure and to provide a way to detect and notify users when their machines try to access a malware domain or when there is evidence that their computers have been compromised.
The idea is not necessarily to block or delay the users' traffic but to inform users about the potential security risk of navigating to compromised sites, while leaving to them the final choice of whether to access the malicious domain. A security portal is accessible to a user detected as potentially infected, with the aim of providing a common, well-organized set of information useful for cleaning the compromised system. Following this approach, TI intends to prevent damage to its infrastructure while countering the spread of malware infection.
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Costa, L., D’Amico, R. (2011). Malware Detection and Prevention Platform: Telecom Italia Case Study. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_20
DOI: https://doi.org/10.1007/978-3-8348-9788-6_20
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: Engineering, Engineering (R0)