Detecting and Blocking Malicious Traffic Caused by IRC Protocol Based Botnets

Authors:
Zhenhua Chi;Zixiang Zhao
Affiliations:
Dalian Maritime University, Dalian;Dalian Maritime University, Dalian
Venue:
NPC '07 Proceedings of the 2007 IFIP International Conference on Network and Parallel Computing Workshops
Year:
2007

Citing 0
Cited 1

A First Step towards Live Botmaster Traceback

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the most potentially dangerous security problems for computer networks is the botnet. Since botnets based on the IRC(Internet Chat Relay) protocol are relatively new, not enough research has been done on them. In this paper, we propose a method to detect the botmaster by starting from the victim and working backwards through the routers. The malicious traffic is blocked during the process of detecting the botmaster router by router.