Title :
The research of botnet detection and prevention
Author :
Lee, Narn-Yih ; Chiang, Hung-Jen
Author_Institution :
Dept. of Inf. Manage., Southern Taiwan Univ., Yong-Kang, Taiwan
Abstract :
Malware has become a major threat on the Internet. Attackers intrude into hosts by many different methods, such as social engineering, phishing, and distributing viruses and worms. Users' computers and important servers are infected by malware without being aware of it, and keep working. As a result, the malware spreads and infects other computers. In addition, high-bandwidth networks and high-speed computers make it easier for botnets to operate. This paper proposes using the Snort intrusion detection system to detect and prevent malicious bots. Some rules are designed to collect the normal and abnormal packets of the Internet Relay Chat (IRC) protocol. Then, some PHP programs are combined with the Linux Netfilter/Iptables firewall to block the abnormal packets and warn system administrators.
Keywords :
Internet; Linux; authorisation; computer network security; invasive software; protocols; Internet relay chat protocol; Iptables firewall; Linux Netfilter; PHP program; Snort intrusion detection system; botnet detection; broad bandwidth network; high speed computer; malicious bot prevention; malware; social engineering; user computer; warn system administrator; Computer hacking; Computers; Internet; Intrusion detection; Linux; Protocols; Servers; Botnet; Firewall; Intrusion detection and prevention; Malware;
Conference_Title :
Computer Symposium (ICS), 2010 International
Conference_Location :
Tainan
Print_ISBN :
978-1-4244-7639-8
DOI :
10.1109/COMPSYM.2010.5685534