- Title
- A Framework for DNS Based Detection of Botnets at the ISP Level
- Creator
- Stalmans, Etienne
- Creator
- Irwin, Barry V W
- Date Issued
- 2011
- Date
- 2011
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/427984
- Identifier
- vital:72478
- Identifier
- https://www.researchgate.net/profile/Barry-Ir-win/publication/327622932_A_Framework_for_DNS_Based_Detection_of_Botnets_at_the_ISP_Level/links/5b9a14e1458515310583fc19/A-Framework-for-DNS-Based-Detection-of-Botnets-at-the-ISP-Level.pdf
- Description
- The rapid expansion of networks and increase in internet connected devices has lead to a large number of hosts susceptible to virus infec-tion. Infected hosts are controlled by attackers and form so called bot-nets. These botnets are used to steal data, mask malicious activity and perform distributed denial of service attacks. Traditional protection mechanisms rely on host based detection of viruses. These systems are failing due to the rapid increase in the number of vulnerable hosts and attacks that easily bypass detection mechanisms. This paper pro-poses moving protection from the individual hosts to the Internet Ser-vice Provider (ISP), allowing for the detection and prevention of botnet traffic. DNS traffic inspection allows for the development of a lightweight and accurate classifier that has little or no effect on network perfor-mance. By preventing botnet activity at the ISP level, it is hoped that the threat of botnets can largely be mitigated.
- Format
- 2 pages
- Format
- Language
- English
- Relation
- Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC)
- Relation
- Stalmans, E. and Irwin, B., 2011. A Framework for DNS Based Detection of Botnets at the ISP Level. Southern Africa Telecommunication Networks and Applications Conference (SATNAC)
- Relation
- Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC) volume 2011 number 1 1 2 2011 Conference
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the Southern Africa Telecommunication Networks and Applications Conference (SA TNAC) Statement (https://www.satnac.org.za/)
- Hits: 88
- Visitors: 95
- Downloads: 8
Collections
Irwin, Barry V W (Prof)
RU Department of Computer Science
SDG 09. Industry, Innovation and Infrastructure
| Thumbnail | File | Description | Size | Format | |||
|---|---|---|---|---|---|---|---|
| View Details Download | SOURCE1 | A Framework for DNS Based Detection of Botnets at the ISP Level.pdf | 120 KB | Adobe Acrobat PDF | View Details Download |