NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • Tagged with
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 1 to 2 of 2 (0.045 seconds)

Spelling suggestions: "subject:"10bbased botnet"" "subject:"10bbased dotnet""

1

Hybrid Botnet Detection

Huang, Ming-Zong 13 August 2010 (has links)
There are three mail types of Botnet: IRC-based Botnet, P2P-based Botnet,Web-based Botnet and they have become major threat to the Internet recently. Web-based Botnet is popular and more harmful to users. The architecture of Web-based Botnet is simpler than P2P-based Botnet, and its malicious traffic can be hidden in a large number of normal traffic. In this study, we built an experimental environment of using malicious bot programs to detect suspicious traffic and malware features. Except network attacking and identity theft, Botnet could also be used by hackers to extend the life time of rouge websites by combining with the technology of Fast Flux Domain. Botnet and the technology of Fast Flux Domain closely link to each other in the real world. Both of Web-based Botnet and Fast Flux Domain technology use HTTP protocol to communicate, and Botnet provides a large number of infected hosts to be Fast Flux Agents which act like a relay station to block the direct link of malicious websites from clients, but completes the mutual connection. In the research, not only the analysis and detection of Web-based Botnet are focused, but also the impact of Fast Flux Domain technology is included. We expect to clear the architecture of Botnet and the technology of Fast Flux Domain, and make the detection mechanism more precisely.
Botnet
Web-based Botnet
Fast Flux Domain
2

Web-based Botnet Detection Based on Flow Information

Tsai, Yu-Chou 08 September 2009 (has links)
Botnet is a combination of Cyber Attack, infection, and dissemination. Cross the Internet, the infected hosts might launch DDoS (Distributed Denial-of-Service) Attack, become a proxy sending SPAM according to commands from botmasters via some public services such as IRC, P2P or Web (HTTP) protocol. Among these command and control channel, Web-based Botnet is much difficult to detect because the command and control messages of Web-based Botnet are spread through HTTP protocol and hide behind normal Flows. In this research, we focus on analysis and detection of Web-based Botnet, detection by features - Timeslot, calculation of NetFlow, B2S(Bot to Server) and S2B(Server to Bot) of Web-based Botnet. The experimental result shows the proposed approach which uses the features mention above is good in many different topology designs. In addition, we also got nice detection rate in real network design.
DDoS(Distributed Denial-of-Service)
Web-based Botnet

Page generated in 0.0491 seconds