A First Step towards Live Botmaster Traceback
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
One of the most potentially dangerous security problems for computer networks is the botnet. Since botnets based on the IRC(Internet Chat Relay) protocol are relatively new, not enough research has been done on them. In this paper, we propose a method to detect the botmaster by starting from the victim and working backwards through the routers. The malicious traffic is blocked during the process of detecting the botmaster router by router.