Title :
Identifying botnet communications using a mashup-based approach
Author :
Santos, Carlos Raniery P dos ; Bezerra, Rafael Santos ; Ceron, João Marcelo ; Granville, Lisandro Zambenedetti ; Tarouco, Liane M R
Author_Institution :
Inst. of Inf., Fed. Univ. of Rio Grande do Sul, Rio Grande, Brazil
Abstract :
Botnets are considered by specialists, in both industry and academia, as one of the greatest threats to security on the Internet. These networks are composed by a large number of malware-infected hosts acting under a central command. They are usually employed to perform DDoS attacks or phishing scams. The behavior of these botnets evolves due the adoption of new and sophisticated infection methods, changing of network protocols, and the employment of different command and control mechanisms. The security community, thus, is always dealing with such constant change. However, most botnet detection methods address just specific infection types or C&C protocols. We, therefore, propose a new approach based on the dynamic integration of pre-existing tools to achieve a more efficiently detection solution. To such end, we base our approach on a novel Web 2.0 technology called mashups to perform the information correlation. The proposal is extensible enough to allow even non-security information such as online mapping APIs be integrated to create more sophisticated compositions, and displaying the results in more meaningful ways.
Keywords :
Internet; computer crime; invasive software; protocols; DDoS attacks; Internet security threat; Web 2.0 technology; botnet communication identification; command mechanisms; control mechanisms; infection methods; information correlation; malware-infected hosts; mashup-based approach; network protocols; online mapping API; phishing scams; IP networks; Mashups; Proposals; Protocols; Security; Servers;
Conference_Titel :
Network Operations and Management Symposium (LANOMS), 2011 7th Latin American
Conference_Location :
Quito
Print_ISBN :
978-1-4577-1790-1
DOI :
10.1109/LANOMS.2011.6102273
