Goel et al., 2006 - Google Patents
Botnets: the anatomy of a caseGoel et al., 2006
View PDF- Document ID
- 8142689698612212622
- Author
- Goel S
- Baykal A
- Pon D
- Publication year
- Publication venue
- Journal of Information Systems Security
External Links
Snippet
Botnets have become the dominant mechanism for launching distributed denial-of-service attacks on computer networks. In a recent incident, the computer network of an organization was attacked and disabled. This attack was initially identified by intrusion detection devices …
- 210000003484 anatomy 0 title abstract description 6
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10587636B1 (en) | System and method for bot detection | |
| US9027135B1 (en) | Prospective client identification using malware attack detection | |
| US8561177B1 (en) | Systems and methods for detecting communication channels of bots | |
| US9942270B2 (en) | Database deception in directory services | |
| Freiling et al. | Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks | |
| Li et al. | Botnet: Survey and case study | |
| Wang et al. | Honeypot detection in advanced botnet attacks | |
| US8204984B1 (en) | Systems and methods for detecting encrypted bot command and control communication channels | |
| Stamm et al. | Drive-by pharming | |
| US20080196099A1 (en) | Systems and methods for detecting and blocking malicious content in instant messages | |
| Martin et al. | Raspberry Pi Malware: An analysis of cyberattacks towards IoT devices | |
| Govil et al. | Criminology of botnets and their detection and defense methods | |
| Simkhada et al. | Security threats/attacks via botnets and botnet detection & prevention techniques in computer networks: a review | |
| Ghorbani et al. | Network attacks | |
| Goel et al. | Botnets: the anatomy of a case | |
| Yoshioka et al. | Vulnerability in public malware sandbox analysis systems | |
| Jogdand et al. | Survey of different IDS using honeytoken based techniques to mitigate cyber threats | |
| WO2008086224A2 (en) | Systems and methods for detecting and blocking malicious content in instant messages | |
| Ranjith et al. | Design and implementation of a defense system from TCP injection attacks | |
| Agbogun et al. | Network security management: solutions to network intrusion related problems | |
| Wang et al. | The botnet problem | |
| Ramsbrock et al. | The Botnet Problem | |
| Zeltser | The evolution of malicious agents | |
| Sarvepalli | Designing Network Security Labs | |
| Thomas et al. | Bot countermeasures |