Skip to Main content Skip to Navigation
Conference papers

A Collaborative Approach to Botnet Protection

Abstract : Botnets are collections of compromised computers which have come under the control of a malicious person or organisation via malicious software stored on the computers, and which can then be used to interfere with, misuse, or deny access to a wide range of Internet-based services. With the current trend towards increasing use of the Internet to support activities related to banking, commerce, healthcare and public administration, it is vital to be able to detect and neutralise botnets, so that these activities can continue unhindered. In this paper we present an overview of existing botnet detection techniques and argue why a new, composite detection approach is needed to provide efficient and effective neutralisation of botnets. This approach should combine existing detection efforts into a collaborative botnet protection framework that receives input from a range of different sources, such as packet sniffers, on-access anti-virus software and behavioural analysis of network traffic, computer sub-systems and application programs. Finally, we introduce ContraBot, a collaborative botnet detection framework which combines approaches that analyse network traffic to identify patterns of botnet activity with approaches that analyse software to detect items which are capable of behaving maliciously.
Complete list of metadata

Cited literature [37 references]  Display  Hide  Download

https://hal.inria.fr/hal-01542425
Contributor : Hal Ifip <>
Submitted on : Monday, June 19, 2017 - 5:01:04 PM
Last modification on : Thursday, March 5, 2020 - 4:47:32 PM
Long-term archiving on: : Friday, December 15, 2017 - 6:19:28 PM

File

978-3-642-32498-7_47_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Matija Stevanovic, Kasper Revsbech, Jens Pedersen, Robin Sharp, Christian Jensen. A Collaborative Approach to Botnet Protection. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Aug 2012, Prague, Czech Republic. pp.624-638, ⟨10.1007/978-3-642-32498-7_47⟩. ⟨hal-01542425⟩

Share

Metrics

Record views

170

Files downloads

490