Title :
Using Network Forensics and Artificial Intelligence Techniques to Detect Bot-nets on an Organizational Network
Author :
Vural, I. ; Venter, H.S.
Author_Institution :
Univ. of Pretoria, Pretoria, South Africa
Abstract :
Malicious software often infects a corporate network by exploiting security holes in web browsers to infiltrate a PC when its user visits a dodgy website. Compromised machines can then be linked up to form “Bot-nets” under external control, which are used to send spam e-mails or disable websites with a flood of bogus requests. This paper looks at identity concealment techniques and Bot-net characteristics, followed by an introduction to the concept of network forensics. The paper then proposes the use of computational intelligence techniques to detect Bot-nets. We then simulate anomaly detection and interpret the simulated results in the section that follows. After a section describing future work, the paper concludes by discussing how the system would be tested on an organizational network.
Keywords :
Web sites; artificial intelligence; online front-ends; security of data; unsolicited e-mail; Bot-nets detection; Web browsers; anomaly detection; artificial intelligence techniques; computational intelligence techniques; dodgy Web site; malicious software; network forensics; organizational network; security holes; spam e-mails; Artificial intelligence; Bandwidth; Computational intelligence; Computational modeling; Costs; Forensics; Information technology; Proposals; Unsolicited electronic mail; Web and internet services; Spammers; abnormality detection; artificial intelligence; fuzzy logic;
Conference_Title :
Information Technology: New Generations (ITNG), 2010 Seventh International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-6270-4
DOI :
10.1109/ITNG.2010.67