A collaborative approach to botnet protection

Publication: Research - peer-review; Conference article – Annual report year: 2012

A collaborative approach to botnet protection. / Stevanovic, Matija; Revsbech, Kasper; Pedersen, Jens Myrup; Sharp, Robin; Jensen, Christian D.

In: Lecture Notes in Computer Science, Vol. 7465, 2012, p. 624-638.

Bibtex

@article{aea52aa6abfb4070a0f11b00800a3d29,
title = "A collaborative approach to botnet protection",
keywords = "Health care, Internet",
publisher = "Springer",
author = "Matija Stevanovic and Kasper Revsbech and Pedersen, {Jens Myrup} and Robin Sharp and Jensen, {Christian D.}",
year = "2012",
doi = "10.1007/978-3-642-32498-7_47",
volume = "7465",
pages = "624--638",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",

}

RIS

TY - CONF

T1 - A collaborative approach to botnet protection

A1 - Stevanovic,Matija

A1 - Revsbech,Kasper

A1 - Pedersen,Jens Myrup

A1 - Sharp,Robin

A1 - Jensen,Christian D.

AU - Stevanovic,Matija

AU - Revsbech,Kasper

AU - Pedersen,Jens Myrup

AU - Sharp,Robin

AU - Jensen,Christian D.

PB - Springer

PY - 2012

Y1 - 2012

N2 - Botnets are collections of compromised computers which have come under the control of a malicious person or organisation via malicious software stored on the computers, and which can then be used to interfere with, misuse, or deny access to a wide range of Internet-based services. With the current trend towards increasing use of the Internet to support activities related to banking, commerce, healthcare and public administration, it is vital to be able to detect and neutralise botnets, so that these activities can continue unhindered. In this paper we present an overview of existing botnet detection techniques and argue why a new, composite detection approach is needed to provide efficient and effective neutralisation of botnets. This approach should combine existing detection efforts into a collaborative botnet protection framework that receives input from a range of different sources, such as packet sniffers, on-access anti-virus software and behavioural analysis of network traffic, computer sub-systems and application programs. Finally, we introduce ContraBot, a collaborative botnet detection framework which combines approaches that analyse network traffic to identify patterns of botnet activity with approaches that analyse software to detect items which are capable of behaving maliciously. © 2012 IFIP International Federation for Information Processing.

KW - Health care

KW - Internet

U2 - 10.1007/978-3-642-32498-7_47

DO - 10.1007/978-3-642-32498-7_47

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

VL - 7465

SP - 624

EP - 638

ER -