Title :
Efficient detection of malicious nodes based on DNS and statistical methods
Author :
Marko, Peter ; Vilhan, Peter
Author_Institution :
Fac. of Inf. & Inf. Technol, Slovak Univ. of Technol., Bratislava, Slovakia
Abstract :
The power and flexibility of botnets is rising together with increasing the computational power of personal computers and growing network bandwidth. This implies extreme demands on ISP´s security resources in contrast to minimizing the delay and maximizing the throughput of the network. The main contribution of our approach is ability to detect botnet´s nodes in LAN using resource friendly solution. This brings high efficiency into the dealing with malicious host´s activity. The proposed solution can be transparently integrated into existing security infrastructure even on legacy hardware.
Keywords :
computer network security; local area networks; microcomputers; resource allocation; statistical analysis; DNS; ISP security resources; LAN; botnet node detection; computational power; delay minimization; legacy hardware; malicious host activity; malicious node detection; network bandwidth; personal computers; resource friendly solution; security infrastructure; statistical method; throughput maximization; Algorithm design and analysis; Computers; IP networks; Local area networks; Registers; Security; Servers;
Conference_Titel :
Applied Machine Intelligence and Informatics (SAMI), 2012 IEEE 10th International Symposium on
Conference_Location :
Herl´any
Print_ISBN :
978-1-4577-0196-2
DOI :
10.1109/SAMI.2012.6208963
