Malware Detection and Prevention Platform: Telecom Italia Case Study

  • Chapter
ISSE 2010 Securing Electronic Business Processes

Abstract

This paper illustrates the botnet problem, its impact, and the need for security measures. By reviewing the existing literature on botnet detection solutions, the paper highlights the important role an ISP could play in better safeguarding users while reducing the spread of the botnet phenomenon. It then describes the malware detection and prevention platform that Telecom Italia has defined. The aim is to minimize the potential harm that bots can inflict upon Internet infrastructure and to provide a way to detect and notify users when their machines try to access a malware domain or when there is evidence that their computers have been compromised.

The idea is not necessarily to block or delay the users’ traffic but to inform users about the potential security risk of navigating to compromised sites, while leaving the final choice of whether to access the malicious domain to the users. A security portal is accessible to a user detected as potentially infected, with the aim of providing a common, well-organized set of information useful for cleaning the compromised system. Following this approach, TI intends to prevent damage to its infrastructure while countering the spread of malware infection.


Copyright information

© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH

About this chapter

Cite this chapter

Costa, L., D’Amico, R. (2011). Malware Detection and Prevention Platform: Telecom Italia Case Study. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_20

  • DOI: https://doi.org/10.1007/978-3-8348-9788-6_20

  • Publisher Name: Vieweg+Teubner

  • Print ISBN: 978-3-8348-1438-8

  • Online ISBN: 978-3-8348-9788-6

  • eBook Packages: Engineering, Engineering (R0)
