
Authors: Iria Prieto ; Eduardo Magaña ; Daniel Morató and Mikel Izal

Affiliation: Public University of Navarre, Spain

Keyword(s): Botnet, Command and control, Domain name, DNS record, WHOIS.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Security in Information Systems ; Security Metrics and Measurement ; Wireless Network Security

Abstract: Computers connected to the Internet are constantly threatened by different types of malware. Among the most important types of malware are botnets, which convert infected computers into agents that follow actions instructed by a command-and-control server. A botmaster can control thousands of agents, which gives a significant capacity to carry out any kind of network attack (DoS), email spam or phishing. In this paper, communication peculiarities with the command-and-control server are used to identify computers infected by a botnet. This identification is based mainly on DNS records of registered domains where command-and-control servers are hosted. Therefore, processing overhead is reduced by avoiding per-packet or per-flow network supervision.

CC BY-NC-ND 4.0


Paper citation in several formats:
Prieto, I.; Magaña, E.; Morató, D. and Izal, M. (2011). BOTNET DETECTION BASED ON DNS RECORDS AND ACTIVE PROBING. In Proceedings of the International Conference on Security and Cryptography (ICETE 2011) - SECRYPT; ISBN 978-989-8425-71-3; ISSN 2184-3236, SciTePress, pages 307-316. DOI: 10.5220/0003522903070316

@conference{secrypt11,
author={Iria Prieto and Eduardo Magaña and Daniel Morató and Mikel Izal},
title={BOTNET DETECTION BASED ON DNS RECORDS AND ACTIVE PROBING},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2011) - SECRYPT},
year={2011},
pages={307-316},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003522903070316},
isbn={978-989-8425-71-3},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2011) - SECRYPT
TI - BOTNET DETECTION BASED ON DNS RECORDS AND ACTIVE PROBING
SN - 978-989-8425-71-3
IS - 2184-3236
AU - Prieto, I.
AU - Magaña, E.
AU - Morató, D.
AU - Izal, M.
PY - 2011
SP - 307
EP - 316
DO - 10.5220/0003522903070316
PB - SciTePress