• DocumentCode
    2809195
  • Title

    The Automatic Discovery, Identification and Measurement of Botnets

  • Author

    Castle, Ian ; Buckley, Eimear

  • Author_Institution
    ECSC Ltd., Bradford
  • fYear
    2008
  • fDate
    25-31 Aug. 2008
  • Firstpage
    127
  • Lastpage
    132
  • Abstract
    The majority of virus, spam and malicious emails are sent through the use of a network of compromised computers, or botnet. The early discovery and identification of the botnet is an important aspect in the understanding of, and the development of responses to, new threats aimed at email systems and their users. In this paper we present a novel technique for the automatic identification, analysis and measurement of botnets used to deliver malicious email. The paper also describes a reference implementation of a system developed to demonstrate these techniques. This system has been deployed in a live environment, and has been shown to be highly effective in use. Practical applications for the use of the techniques developed, including improved anti-spam and anti-virus systems, are presented.
  • Keywords
    computer viruses; software agents; unsolicited e-mail; anti-spam systems; anti-virus systems; botnets discovery; malicious emails; Bandwidth; Computer networks; Computer security; Information security; Internet; Payloads; Real time systems; Relays; Software performance; Uniform resource locators; botnet; discovery; identification system; malicious email;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on
  • Conference_Location
    Cap Esterel
  • Print_ISBN
    978-0-7695-3329-2
  • Electronic_ISBN
    978-0-7695-3329-2
  • Type

    conf

  • DOI
    10.1109/SECURWARE.2008.44
  • Filename
    4622572