A collaborative approach to botnet protection
Publication: Research - peer-review › Article in proceedings – Annual report year: 2012
Standard
A collaborative approach to botnet protection. / Stevanovic, Matija; Revsbech, Kasper; Pedersen, Jens Myrup; Sharp, Robin; Jensen, Christian D.
In: Multidisciplinary Research and Practice for Information Systems. ed. / Gerald Quirchmayr; Josef Basl; Ilsun You; Lida Xu; Edgar Weippl. Springer Verlag, 2012. p. 624-638 (Lecture Notes in Computer Science, Vol. 7465).
RIS
TY - GEN
T1 - A collaborative approach to botnet protection
A1 - Stevanovic,Matija
A1 - Revsbech,Kasper
A1 - Pedersen,Jens Myrup
A1 - Sharp,Robin
A1 - Jensen,Christian D.
AU - Stevanovic,Matija
AU - Revsbech,Kasper
AU - Pedersen,Jens Myrup
AU - Sharp,Robin
AU - Jensen,Christian D.
PB - Springer Verlag
PY - 2012
Y1 - 2012
N2 - Botnets are collections of compromised computers which have come under the control of a malicious person or organisation via malicious software stored on the computers, and which can then be used to interfere with, misuse, or deny access to a wide range of Internet-based services. With the current trend towards increasing use of the Internet to support activities related to banking, commerce, healthcare and public administration, it is vital to be able to detect and neutralise botnets, so that these activities can continue unhindered. In this paper we present an overview of existing botnet detection techniques and argue why a new, composite detection approach is needed to provide efficient and effective neutralisation of botnets. This approach should combine existing detection efforts into a collaborative botnet protection framework that receives input from a range of different sources, such as packet sniffers, on-access anti-virus software and behavioural analysis of network traffic, computer sub-systems and application programs. Finally, we introduce ContraBot, a collaborative botnet detection framework which combines approaches that analyse network traffic to identify patterns of botnet activity with approaches that analyse software to detect items which are capable of behaving maliciously. © 2012 IFIP International Federation for Information Processing.
KW - Health care
KW - Internet
U2 - 10.1007/978-3-642-32498-7_47
DO - 10.1007/978-3-642-32498-7_47
SN - 978-3-642-32497-0
BT - Multidisciplinary Research and Practice for Information Systems
T2 - Multidisciplinary Research and Practice for Information Systems
A2 - Weippl,Edgar
ED - Weippl,Edgar
T3 - Lecture Notes in Computer Science
T3 - en_GB
SP - 624
EP - 638
ER -