Bot detection based on traffic analysis

Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

23 被引用数 (Scopus)

抄録

Recently, botnet becomes a social problem due to the expansion of bot infection. Ideally, all the vulnerable computers should be fortified to counteract laying malware. Accordingly, it is important to implement an information system which detects bot-infected computers and alerts them. In this paper, we focused on bots using IRC to communicate, and examined the behavior of such bots when they connected to an IRC server. We observed the actual traffic of some ports which were often used by IRC protocol. As a result, we confirmed that bots tried to reconnect to an IRC server at certain intervals when the server refused the connection from the bot. Moreover, we examined the distribution of the intervals and confirmed that the communication from other IP addresses showed similar behavior.

本文言語英語
ホスト出版物のタイトルProceedings The 2007 International Conference on Intelligent Pervasive Computing, IPC 2007
ページ303-306
ページ数4
DOI
出版ステータス出版済み - 2007
イベント2007 International Conference on Intelligent Pervasive Computing, IPC 2007 - Jeju Island, 大韓民国
継続期間: 10 11 200710 13 2007

出版物シリーズ

名前Proceedings The 2007 International Conference on Intelligent Pervasive Computing, IPC 2007

その他

その他2007 International Conference on Intelligent Pervasive Computing, IPC 2007
国/地域大韓民国
CityJeju Island
Period10/11/0710/13/07

All Science Journal Classification (ASJC) codes

  • コンピュータ サイエンス(全般)
  • コンピュータ ネットワークおよび通信
  • ソフトウェア

フィンガープリント

「Bot detection based on traffic analysis」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル