DocumentCode :
2758929
Title :
VMM-Based Framework for P2P Botnets Tracking and Detection
Author :
Zhou, Lingyun
Author_Institution :
Dept. of Comput. Sci., South Central Univ. for Nat., Wuhan, China
Volume :
2
fYear :
2009
fDate :
25-26 July 2009
Firstpage :
172
Lastpage :
175
Abstract :
Botnets detection is a relatively new and a very challenging research area. In this paper, we presented VMMBotsViewer, a VMM-based botnet detection system that explores the network traffic behavior and system level botnets command and control event. Our experimental evaluation of VMMBotsViewer on many real-world networks showed that it has very promising detection accuracy with a very low false positive rate.
Keywords :
invasive software; peer-to-peer computing; telecommunication security; telecommunication traffic; virtual machines; P2P botnet detection; P2P botnet tracking; VMM-based framework; VMMBotsViewer; network traffic behavior; system level botnet command-control event; Command and control systems; Computer networks; Computer science; Event detection; Information technology; Monitoring; Operating systems; Peer to peer computing; Protocols; Telecommunication traffic; Botnets; VMM; detection;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Technology and Computer Science, 2009. ITCS 2009. International Conference on
Conference_Location :
Kiev
Print_ISBN :
978-0-7695-3688-0
Type :
conf
DOI :
10.1109/ITCS.2009.301
Filename :
5190208