Title :
IRC Traffic Analysis for Botnet Detection
Author :
Mazzariello, Claudio
Author_Institution :
Univ. of Napoli Federico II, Naples
Abstract :
Networked hosts´ vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated attacks. There are many ways to perform control on an army of possibly unaware infected hosts, and an example of such techniques is discussed in this paper. We will address the problem of detecting botnets, by introducing a network traffic analysis architecture, and describing a behavioral model, for a specific class of network users, capable of identifying botnet-related activities.
Keywords :
computer networks; security of data; telecommunication traffic; IRC traffic analysis; botnet detection; computer networks; network traffic; networked hosts vulnerabilities; Command and control systems; Communication system traffic control; Computer networks; Computer security; Government; Information analysis; Information security; National security; Telecommunication traffic; Traffic control; IRC; botnet; model;
Conference_Titel :
Information Assurance and Security, 2008. ISIAS '08. Fourth International Conference on
Conference_Location :
Naples
Print_ISBN :
978-0-7695-3324-7
DOI :
10.1109/IAS.2008.58
