Title :
A Distributed Botnet Detecting Approach Based on Traffic Flow Analysis
Author :
Li Sheng ; Liu Zhiming ; He Jin ; Deng Gaoming ; Huang Wen
Author_Institution :
Northern Electron. Instrum. Inst., Beijing, China
Abstract :
Botnets are extremely harmful to computer network security and can cause many network attacks (such as spam, DDoS, phishing, etc.). In this paper, we design a distributed botnet detecting approach based on network traffic analysis. A botnet detection framework is proposed, which is composed of two sections: Data Collection and Filter, and Botnet Detection and Identify. The first section is deployed on distributed hosts in order to capture network traffic data, filter data and classify data. The second section is deployed in a centralized place, where it collects all data from the distributed hosts and detects the botnet using data amalgamation algorithms and characteristic identification algorithms. The detecting approach works efficiently and can detect botnets in the experiment environment.
Keywords :
computer network security; telecommunication traffic; computer network security; data amalgamation algorithms; data collection; data filter; distributed botnet detecting approach; network attacks; traffic flow analysis; Correlation; Data collection; Data integration; Distributed databases; Law; Local area networks; Telecommunication traffic; botnet; botnet detection framework; detecting approach; traffic flow analysis;
Conference_Title :
Instrumentation, Measurement, Computer, Communication and Control (IMCCC), 2012 Second International Conference on
Conference_Location :
Harbin
Print_ISBN :
978-1-4673-5034-1
DOI :
10.1109/IMCCC.2012.36