Lee / Wang / Dagon Botnet Detection
Countering the Largest Security Threat
E-book, English, 168 pages
1st edition 2007
Series: Advances in Information Security
ISBN: 978-0-387-68768-1
Publisher: Springer
Format: PDF
Copy protection: 1 - PDF Watermark
Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat consists of chapters contributed by world-class leaders in this field, from the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets.
Further information & material
1 Preface
2 Contents
3 List of Contributors
4 Botnet Detection Based on Network Behavior
    1 Introduction
    2 Approach
    3 Filtering Stage
    4 Classifier Stage
    5 Correlation Stage
    6 Topological Analysis Stage
    7 Discussion
    Acknowledgments
    References
5 Honeynet-based Botnet Scan Traffic Analysis
    1 Introduction
    2 Related Work
    3 Botnet Scanning Event Identification
    4 Botnet Scanning Event Analysis
    5 Conclusion
    References
6 Characterizing Bots Remote Control Behavior
    1 Introduction
    2 Bots and Botnets
    3 Experimental Method
    4 Implementation
    5 Experimental Evaluation
    6 Potential for Host-Based, Behavioral Bot Detection
    7 Related Work
    8 Conclusions
    References
7 Automatically Identifying Trigger-based Behavior in Malware
    1 Introduction
    2 Problem Statement and Approach Overview
    3 MineSweeper Design
    4 Implementation and Evaluation
    5 Discussion
    6 Related Work
    7 Conclusion
    References
8 Towards Sound Detection of Virtual Machines
    1 Introduction
    2 Background
    3 Approach
    4 Algorithm and Protocol Design
    5 Implementation
    6 Evaluation
    7 Security Analysis
    8 Discussion
    9 Related Work
    10 Conclusions
    11 Acknowledgments
    References
9 Botnets and Proactive System Defense
    1 Introduction
    2 Paradigm Shifts in Commerce
    3 Fundamental Flaws in Current System
    4 Growth and Changes in Malware
    5 Future Trends of Botnets
    6 Remediation of Core Vulnerabilities
    7 Risks to the System without Change
    8 Conclusions
    References
10 Detecting Botnet Membership with DNSBL Counterintelligence
    1 Introduction
    2 Model of Reconnaissance Techniques
    3 Data and Analysis
    4 Results
    5 Countermeasures
    6 Related Work
    7 Conclusion
    References
11 A Taxonomy of Botnet Structures
    1 Introduction
    2 Botnet Taxonomy
    3 Taxonomy-Driven Botnet Response Strategies
    4 Related Work
    5 Conclusion
    Acknowledgments
    References
12 Index




