Classification Based Network Layer Botnet Detection

Botnets have emerged as a major cyber security threat faced by institutions and individuals around the world. They have become the primary vehicle for launching the most serious attacks, such as DDoS attacks, spam distribution, theft of users' sensitive information (banking information, credit card information, etc.) and more. Common users are generally unaware of security standards, which makes them even more susceptible to bot attacks. A substantial amount of research on botnet detection and analysis has been done, but not much work has gone into contributing a community-driven tool for bots. We propose performing filtration and classification on the data received by BotFlex, which can reduce processing overhead and improve the throughput of the IDS. BotFlex has a limited set of detection parameters, which our proposed approach extends.
