Role-based collaborative information collection model for botnet detection

Author

Wang, Hailong ; Gong, Zhenghu

Author_Institution

Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China

fYear

2010

fDate

17-21 May 2010

Firstpage

473

Lastpage

480

Abstract

With the growing number of botnet attacks, the botnet detection is becoming increasingly important for the network security. To enhance the existing botnet detection systems which are short of efficient information collection functions, this paper presents a collaborative information collection model with a new 5-tuple structural mode. In the model, we introduce the static and dynamic roles to meet the requirements of information collection and collaboration respectively. Moreover, we give an efficient design for the collection agent and its communication mechanism, which are the core components in the model. Finally, a representative example is given to show that our design for the collection agent can effectively collect the information about the widespread botnet activities, which can help to improve the detection performance and accuracy for a botnet detection system.

Keywords

data acquisition; invasive software; 5-tuple structural mode; botnet detection; network security; role based collaborative information collection model; Collaboration; Collaborative work; Computer networks; Computer security; Information analysis; Information security; Intrusion detection; Local area networks; National security; Performance analysis; Botnet; Collaborative; Information Collection; Network Security; Role;

fLanguage

English

Publisher

ieee

Conference_Titel

Collaborative Technologies and Systems (CTS), 2010 International Symposium on

Conference_Location

Chicago, IL

Print_ISBN

978-1-4244-6619-1

Type

conf

DOI

10.1109/CTS.2010.5478475

Filename

5478475