ناشر تخصصی کنفرانس های ایران

لطفا کمی صبر نمایید

Publisher of Iranian Journals and Conference Proceedings

Please waite ..
Publisher of Iranian Journals and Conference Proceedings
Login |Register |Help |عضویت کتابخانه ها
Paper
Title

Detecting Infected Botnet Machines by the Use of DNS Server Traffic Analysis

Year: 1395
Publish place:
COI: ICRSIE02_034
Language: EnglishView: 303
This Paper With 10 Page And PDF Format Ready To Download

Buy and Download

با استفاده از پرداخت اینترنتی بسیار سریع و ساده می توانید اصل این Paper را که دارای 10 صفحه است به صورت فایل PDF در اختیار داشته باشید.
آدرس ایمیل خود را در کادر زیر وارد نمایید:

Authors

Samaneh Bahrami - Department of Computer Engineering, Science and Research Branch , Islamic Azad University , Tehran , Iran,

Abstract:

Detection of machines infected with botnets through domain name system (DNS) traffic analysis is a means of confronting a new generation of cyber-attacks. One of today’s security challenges is activity in domain name systems. Botnets are among these new generation of threats. Botnets are centered on DNS and they infect victim computers using Trojans or e-mails to which malicious codes are attached. As a result, botnets cede control of the victim computer to a botmaster to carry out targeted attacks. In this paper, the author studied interactions of botnets with DNS systems and the requests and responses exchanged with DNS systems. The authors also proposed a detection mechanism based on the behavioral pattern of a botnet. The results of this research revealed new anomalies and led to an anomaly detection method.

Keywords:

Domain Name System , botnet , botmaster , command and control (C&C)

Paper COI Code

This Paper COI Code is ICRSIE02_034. Also You can use the following address to link to this article. This link is permanent and is used as an article registration confirmation in the Civilica reference:

https://civilica.com/doc/617506/

How to Cite to This Paper:

If you want to refer to this Paper in your research work, you can simply use the following phrase in the resources section:
Bahrami, Samaneh,1395,Detecting Infected Botnet Machines by the Use of DNS Server Traffic Analysis,دومین کنفرانس بین المللی پژوهش در علوم و مهندسی,Ahar,https://civilica.com/doc/617506

مراجع و منابع این Paper:

لیست زیر مراجع و منابع استفاده شده در این Paper را نمایش می دهد. این مراجع به صورت کاملا ماشینی و بر اساس هوش مصنوعی استخراج شده اند و لذا ممکن است دارای اشکالاتی باشند که به مرور زمان دقت استخراج این محتوا افزایش می یابد. مراجعی که مقالات مربوط به آنها در سیویلیکا نمایه شده و پیدا شده اند، به خود Paper لینک شده اند :

  • Dewalet D. Definitive Guide to n ex t-Generation threat protection, ...
  • Linh V. DNS traffic alysis for network-bas ed Malware detection, ...
  • Schiavoni S. Finding charactericzin g and tracking domain generation algorithms ...
  • Wang J. Computer Network Security :Theory and Practice, Springer Berlin ...
  • Akkaya D. Honeypots in network security, Bachelor degree project, Linnaeus ...
  • Northcutt S, Novak J. Network Intrusion De tection(Third Edition), Sams ...
  • Symantec white paper. Advanced persistent threats: A symantec perspective, Symantec ...
  • Jiang N. Identifying suspicions activties through DNS failure graph analysis, ...
  • Vern P. Practical comprehen sive Bounds on surrep0titious _ ommunication ...
  • Chappell l. Wireshark Network Analysis the official wireshark certified network ...
  • Wang I. A fast hierachical clustering algorithm for functional modules ...
  • Antonakakis M. From throw-Away Traffic to bots: detecting the rise ...
  • Research Info Management

    Certificate | Report | من نویسنده این مقاله هستم

    اطلاعات استنادی این Paper را به نرم افزارهای مدیریت اطلاعات علمی و استنادی ارسال نمایید و در تحقیقات خود از آن استفاده نمایید.

    Scientometrics

    The specifications of the publisher center of this Paper are as follows:
    Type of center: Azad University
    Paper count: 32,878
    In the scientometrics section of CIVILICA, you can see the scientific ranking of the Iranian academic and research centers based on the statistics of indexed articles.

    مقالات پیشنهادی مرتبط

    Share this page

    More information about COI

    COI stands for "CIVILICA Object Identifier". COI is the unique code assigned to articles of Iranian conferences and journals when indexing on the CIVILICA citation database.

    The COI is the national code of documents indexed in CIVILICA and is a unique and permanent code. it can always be cited and tracked and assumed as registration confirmation ID.

    Support