Bot Detection Based on Traffic Analysis

  • Authors:
  • Yuji Kugisaki; Yoshiaki Kasahara; Yoshiaki Hori; Kouichi Sakurai

  • Venue:
  • IPC '07 Proceedings of the 2007 International Conference on Intelligent Pervasive Computing
  • Year:
  • 2007

Abstract

Recently, botnet becomes a social problem due to the expansion of bot infection. Ideally, all the vulnerable computers should be fortified to counteract laying malware. Accordingly, it is important to implement an information system which detects bot-infected computers and alerts them. In this paper, we focused on bots using IRC to communicate, and examined the behavior of such bots when they connected to an IRC server. We observed the actual traffic of some ports which were often used by IRC protocol. As a result, we confirmed that bots tried to reconnect to an IRC server at certain intervals when the server refused the connection from the bot. Moreover, we examined the distribution of the intervals and confirmed that the communication from other IP addresses showed similar behavior.