Botnet Detection and Collapse based on Traffic Analysis

Author: Tian-Hao Chen, 陳天豪
Year of publication: 2009
Document type: degree thesis; thesis
Description: 97
A group of bots, referred to as a botnet, is remotely controllable by a server and can be used for sending spam mail, stealing personal information, and launching DDoS attacks. Botnets evolved from malicious programs, and they give the attacker secrecy, flexibility, and very powerful capabilities. IRC is the most common botnet command and control mechanism because it is scalable and easy to hide within. In this paper, we therefore focus on the IRC-based virus, using DNS hijacking technology to converge computers infected with the botnet virus, so as to monopolize the connection between hackers. We then use traffic analysis to figure out how hackers control the bots. Our results show that bot traffic can be filtered and redirected, and that we can also assist bot clients in cleaning up the virus.
Database: Networked Digital Library of Theses & Dissertations