Hybrid Botnet Detection Mechanism

Katha Chanda

Call for Paper

June Edition

IJCA solicits high quality original research papers for the upcoming June edition of the journal. The last date of research paper submission is 20 May 2024

Submit your paper

Know more

The week's pick

Enhancing Privacy Preservation: Multi-Attribute Protection with P-Sensitive K-Anonymity

Twinkle Patel Kiran Amin

Random Articles

Sliding Mode Control of Half-car Active Suspension

Dec

2016

Article:Development of Mathematical Model for Market-Oriented Cloud Computing

November

2010

Investigation of Performance-Security Tradeoff in Robotic Mobile Wireless Ad hoc Networks (RANETs) using Stochastic Petri Nets

January

2013

Wavelet and Curvelet Transformation based Image Fusion with ANFIS and SVM

July

2015

Reseach Article

Hybrid Botnet Detection Mechanism

by Katha Chanda

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 91 - Number 5

Year of Publication: 2014

Authors: Katha Chanda

10.5120/15876-4823

Katha Chanda . Hybrid Botnet Detection Mechanism. International Journal of Computer Applications. 91, 5 ( April 2014), 12-16. DOI=10.5120/15876-4823

@article{ 10.5120/15876-4823,

author = { Katha Chanda },

title = { Hybrid Botnet Detection Mechanism },

journal = { International Journal of Computer Applications },

issue_date = { April 2014 },

volume = { 91 },

number = { 5 },

month = { April },

year = { 2014 },

issn = { 0975-8887 },

pages = { 12-16 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume91/number5/15876-4823/ },

doi = { 10.5120/15876-4823 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T22:11:58.095727+05:30

%A Katha Chanda

%T Hybrid Botnet Detection Mechanism

%J International Journal of Computer Applications

%@ 0975-8887

%V 91

%N 5

%P 12-16

%D 2014

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Botnets have emerged as one of the biggest threats to internet security in the recent years. They have confounded security researchers because of their mobile and secretive behavior. A Botnet is a network of zombie machines remotely controlled by a command server or a Botmaster. These compromised host machines may be used for sending spam, launching DOS attacks, spying or stealing information. As botnets have evolved, so has the detection techniques changed. A number of different techniques have been suggested yet no technique is completely foolproof. While some are based on detecting anomalies, others focus on DNS queries [Choi et al. , 2007] or DNSBL [Ramachandran et al. , 2006] queries etc. This paper analyzes layouts of different detection techniques. The paper tries to find features that, when combined together, complement each other's strengths and eliminate the weaknesses and suggests a framework consisting of a combination of those features which, theoretically, should overcome most of the common problems faced by detection techniques.

References

N. Feamster, A. Ramachandran and D. Dagon, "Revealing botnet membership using dnsbl counter-intelligence," in The 2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI '06), 2006.
W. Li, S. Xie, J. Luo, Xiaodong Zhu,A Detection Method for Botnet based on Behavior Features, Proceedings of the 2nd International Conference On Systems Engineering and Modeling (ICSEM-2013), 2013
Hossein Rouhani Zeidanloo,Azizah Bt Abdul Manaf, "Botnet Detection by Monitoring Similar Communication Patterns",(IJCSIS) International Journal of Computer Science and Information Security,Vol. 7, No. 3, March 2010,pp. 36- 45.
H. Choi, H. Lee, and H. Kim. Botnet detection by monitoring group activities in dns traffic. In proceedings of the 7th IEEE International Conference on Computer and Information Technology(CIT'07), Washington, DC, October 2007.
Robiah Y, Siti Rahayu S. , Mohd Zaki M. , Shahrin S. , Faizal M. A. , Marliza R. ;A New Generic Taxonomy on Hybrid Malware Detection Technique. (IJCSIS) International Journal of Computer Science and Information Security, Vol. 5, No. 1, 2009
G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee. BotHunter: Detecting malware infection through ids-driven dialog correlation. In Proceedings of the 16th USENIX Security Symposium (Security'07), 2007.
G. Gu, R. Perdisci, J. Zhang, and W. Lee, "Botminer: Clustering analysis of network traffic for protocol- and structure independent Botnet detection," in Proc. 17th USENIX Security Symposium, 2008.
T. Karagiannis, K. Papagiannaki, and M. Faloutsos, "BLINC:multilevel traffic classification in the dark," In Proceedings of the 2005 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 229-240, Philadelphia, Pennsylvania, 2005

Index Terms

Computer Science

Information Sciences

Keywords

Signature based detection Anomaly based detection Hybrid Method Protocol Independence.