A Botnet Detecting Infrastructure Using a Beneficial Botnet
Title | A Botnet Detecting Infrastructure Using a Beneficial Botnet |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Yamanoue, Takashi |
Conference Name | Proceedings of the 2018 ACM on SIGUCCS Annual Conference |
Publisher | ACM |
ISBN Number | 978-1-4503-5582-7 |
Keywords | Bot, botnets, Collaboration, compositionality, Metrics, pubcrawl, resilience, Resiliency, security |
Abstract | A beneficial botnet, which tries to cope with technology of malicious botnets such as peer-to-peer (P2P) networking and Domain Generation Algorithm (DGA), is discussed. In order to cope with such botnets' technology, we are developing a beneficial botnet as an anti-bot measure, using our previous beneficial bot. The beneficial botnet is a group of beneficial bots. The peer-to-peer (P2P) communication of a malicious botnet is hard to detect with a single Intrusion Detection System (IDS). Our beneficial botnet has the ability to detect P2P communication, using the collaboration of our beneficial bots. The beneficial bot could detect communication of the pseudo botnet which mimics malicious botnet communication. Our beneficial botnet may also detect communication using DGA. Furthermore, our beneficial botnet has the ability to cope with new technology of new botnets, because our beneficial botnet has the ability to evolve, in the same way as malicious botnets. |
URL | https://dl.acm.org/citation.cfm?doid=3235715.3235728 |
DOI | 10.1145/3235715.3235728 |
Citation Key | yamanoue_botnet_2018 |