Quarantine technology using botnets information

Authors:
Seung-Goo Ji;Hyun-Cheol Jeong
Affiliations:
Convergence Security R&D Team, Korea Internet & Security Agency, Seoul, South Korea;Convergence Security R&D Team, Korea Internet & Security Agency, Seoul, South Korea
Venue:
ACS'10 Proceedings of the 10th WSEAS international conference on Applied computer science
Year:
2010

Citing 4
Cited 0

An algorithm for anomaly-based botnet detection

SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Botnet Detection by Monitoring Group Activities in DNS Traffic

CIT '07 Proceedings of the 7th IEEE International Conference on Computer and Information Technology
Wide-scale botnet detection and characterization

HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection

SS'08 Proceedings of the 17th conference on Security symposium

Quantified Score

Hi-index	0.00

Visualization

Abstract

Cyber attacks using a botnet have a bad influence on the information system, such as recent 7.7 DDoS incident by the botnet and explosive growth of spam e-mails. The purpose of the attack is also changing from curiosity and showing-off to economic interest such as the DDoS attack against the competitor and accessing confidential information. This paper reviews the method of active protection from the secondary damage by bot infection (DDoS attack, spam sending, and personal/financial information stealing, etc.), by designing the advanced quarantine technique that extracts and blocks traffic from the botnet only, and based on the important information of the botnet.