Title :
Method to detect botnet based on network coordination
Author :
Tian, Zhifei ; Liu, Dan
Author_Institution :
Res. Inst. of Electron. Sci. & Technol., Univ. of Electron. Sci. & Technol. of China, Chengdu, China
Abstract :
A novel method to detect botnet based on network coordination is proposed. This paper constructs a coordinative detection model of botnet, by utilizing hybrid network structure and analyzing information of a large number of detection nodes. First, detect abnormal attack behavior of nodes. Then define the set of nodes with similar behavior and build a coordinative task. At last, detect botnet nodes by the coordinative task. The experiment in LAN indicates that the method can identify similar behavior in network, and then detect botnet nodes. The controllability of this model is good.
Keywords :
computer network security; local area networks; unsolicited e-mail; LAN; abnormal attack behavior detection; botnet detection; controllability; coordinative detection model; hybrid network structure; network coordination; Monitoring; botnet detection; model; network coordination; similarity;
Conference_Titel :
Software Engineering and Service Science (ICSESS), 2012 IEEE 3rd International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4673-2007-8
DOI :
10.1109/ICSESS.2012.6269449