Behavioral analysis of fast flux service networks
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Fast-flux bot detection in real time
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
An improvement for fast-flux service networks detection based on data mining techniques
RSFDGrC'11 Proceedings of the 13th international conference on Rough sets, fuzzy sets, data mining and granular computing
Behavioral analysis of botnets for threat intelligence
Information Systems and e-Business Management
Genetic-based real-time fast-flux service networks detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detection of fast flux service networks
AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116
Survey and taxonomy of botnet research through life-cycle
ACM Computing Surveys (CSUR)
Hi-index | 0.00 |
Here we present the first empirical study of detecting and classifying fast flux service networks (FFSNs) in real time. FFSNs exploit a network of compromised machines (zombies) for illegal activities such as spam, phishing and malware delivery using DNS record manipulation techniques. Previous studies have focused on actively monitoring these activities over a large window (days, months) to detect such FFSNs and measure their footprint. In this paper, we present a Fast Flux Monitor (FFM) that can detect and classify a FFSN in the order of minutes using both active and passive DNS monitoring, which complements long term surveillance of FFSNs.