Real-time Detection of Botnet Behavior in Cloud Using Domain Generation Algorithm
Title | Real-time Detection of Botnet Behavior in Cloud Using Domain Generation Algorithm |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Kumar, Vimal; Kumar, Satish; Gupta, Avadhesh Kumar |
Conference Name | Proceedings of the International Conference on Advances in Information Communication Technology & Computing |
Date Published | August 2016 |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4213-1 |
Keywords | Botnet, C&C server, cyber attack, DGA, DNS, Human Behavior, Metrics, NetFlow, pubcrawl, Scalability, spam detection |
Abstract | In the last few years, the high acceptability of service computing delivered over the internet has exponentially created immense security challenges for the service providers. Cyber criminals are using advanced malware such as polymorphic botnets for participating in our everyday online activities and trying to access the desired information in terms of personal details, credit card numbers and banking credentials. Polymorphic botnet attack is one of the biggest attacks in the history of cybercrime and currently, millions of computers are infected by the botnet clients over the world. Botnet attack is an intelligent and highly coordinated distributed attack which consists of a large number of bots that generate big volumes of spamming e-mails and launch distributed denial of service (DDoS) attacks on the victim machines in a heterogeneous network environment. Therefore, it is necessary to detect the malicious bots and prevent their planned attacks in the cloud environment. A number of techniques have been developed for detecting the malicious bots in a network in the past literature. This paper recognizes the ineffectiveness exhibited by the signature based detection technique and network traffic based detection such as NetFlow or traffic flow detection and Anomaly based detection. We proposed a real time malware detection methodology based on Domain Generation Algorithm. It increases the throughput in terms of early detection of malicious bots and high accuracy of identifying the suspicious behavior. |
URL | https://dl.acm.org/doi/10.1145/2979779.2979848 |
DOI | 10.1145/2979779.2979848 |
Citation Key | kumar_real-time_2016 |