
A Botnet Detection Technique

Momeni, Behnam | 2012

  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 43410 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Kharrazi, Mehdi
  7. Abstract: A set of infected computers that are coordinated in some manner at one party's will, and that can perform malicious activities and pose threats in cyberspace, forms a network of bots, namely a botnet. Botnet threats are more significant than those of other malware because of their huge scale. A large number of computers joined in a network and obeying one party's commands allows their controller to conduct, for example, DoS attacks larger than any previously seen incident. This thesis introduces botnets, their various threats, and an effective technique for detecting them. To this end, the different probable states of bots are studied and modeled as a coherent bot life-cycle. The bot life-cycle allows predicting what a bot intends to do and discriminating between bots and other malware. It also helps the proposed technique remain independent of currently existing bots. The proposed model has three unique features. First, it uses a probabilistic approach and continually identifies the probability of different bot states. Second, it holds the history of bot activities efficiently, without needing to keep the original voluminous traffic, and uses that history to decide whether a bot exists. This makes it nearly impossible for bots to evade detection by slowing down their activities. Third, it allows a sufficiently long period of events to be kept and analyzed at each round, without incurring delays for gathering a large amount of data, making live bot detection possible at the same time.
  8. Keywords: Traffic Analysis ; Botnet Networks Detection ; Bot Life-Cycle ; Behavior History Preserving Method ; Linear Accepting Probabilistic Automata
