Botnet Detection (eBook)
XII, 168 Seiten
Springer US (Verlag)
978-0-387-68768-1 (ISBN)
Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat consists of chapters contributed by world-class leaders in this field, from the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets.
Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat, a contributed volume by world-class leaders in this field, is based on the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets. It provides botnet detection techniques and response strategies, as well as the latest results from leading academic, industry and government researchers. Botnet Detection: Countering the Largest Security Threat is intended for researchers and practitioners in industry. This book is also appropriate as a secondary text or reference book for advanced-level students in computer science.
Preface 6
Contents 9
List of Contributors 10
Botnet Detection Based on Network Behavior 12
1 Introduction 12
2 Approach 14
3 Filtering Stage 18
4 Classifier Stage 20
5 Correlation Stage 22
6 Topological Analysis Stage 30
7 Discussion 32
Acknowledgments 33
References 33
Honeynet-based Botnet Scan Traffic Analysis 36
1 Introduction 36
2 Related Work 38
3 Botnet Scanning Event Identification 39
4 Botnet Scanning Event Analysis 42
5 Conclusion 53
References 54
Characterizing Bots Remote Control Behavior 56
1 Introduction 56
2 Bots and Botnets 58
3 Experimental Method 60
4 Implementation 61
5 Experimental Evaluation 64
6 Potential for Host-Based, Behavioral Bot Detection 70
7 Related Work 72
8 Conclusions 73
References 73
Automatically Identifying Trigger-based Behavior in Malware 76
1 Introduction 76
2 Problem Statement and Approach Overview 79
3 MineSweeper Design 84
4 Implementation and Evaluation 91
5 Discussion 96
6 Related Work 97
7 Conclusion 98
References 98
Towards Sound Detection of Virtual Machines 100
1 Introduction 100
2 Background 104
3 Approach 105
4 Algorithm and Protocol Design 106
5 Implementation 111
6 Evaluation 112
7 Security Analysis 120
8 Discussion 122
9 Related Work 123
10 Conclusions 125
11 Acknowledgments 125
References 125
Botnets and Proactive System Defense 128
1 Introduction 128
2 Paradigm Shifts in Commerce 128
3 Fundamental Flaws in Current System 129
4 Growth and Changes in Malware 132
5 Future Trends of Botnets 134
6 Remediation of Core Vulnerabilities 137
7 Risks to the System without Change 139
8 Conclusions 139
References 140
Detecting Botnet Membership with DNSBL Counterintelligence 142
1 Introduction 142
2 Model of Reconnaissance Techniques 143
3 Data and Analysis 147
4 Results 148
5 Countermeasures 150
6 Related Work 151
7 Conclusion 151
References 152
A Taxonomy of Botnet Structures 154
1 Introduction 154
2 Botnet Taxonomy 155
3 Taxonomy-Driven Botnet Response Strategies 163
4 Related Work 169
5 Conclusion 171
Acknowledgments 171
References 172
Index 176
| Erscheint lt. Verlag | 23.10.2007 |
|---|---|
| Reihe/Serie | Advances in Information Security | Advances in Information Security |
| Zusatzinfo | XII, 168 p. |
| Verlagsort | New York |
| Sprache | englisch |
| Themenwelt | Mathematik / Informatik ► Informatik ► Datenbanken |
| Informatik ► Netzwerke ► Sicherheit / Firewall | |
| Informatik ► Theorie / Studium ► Algorithmen | |
| Informatik ► Theorie / Studium ► Kryptologie | |
| Informatik ► Weitere Themen ► Hardware | |
| Naturwissenschaften | |
| Schlagworte | ARO workshop • Botnet • Computer Science • detection techniques • Internet • Network • Research • response strategy • security • Strategy • Wenke Lee |
| ISBN-10 | 0-387-68768-8 / 0387687688 |
| ISBN-13 | 978-0-387-68768-1 / 9780387687681 |
| Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
