BotGAD: detecting botnets by capturing group activities in network traffic
Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE
Identifying botnets by capturing group activities in DNS traffic
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Botnet operators are the Svengalis of the PC world, enslaving desktop PCs and then making them do their bidding. Thanks to worms and Trojan horses, a grandmother in Arizona could end up hosting illegal content on an FTP site without ever realising it. But what happens when she turns her PC off, or her ISP allocates another IP address? Thanks to dynamic DNS services, botnet operators can hop around to different addresses and create new bot controllers or malicious content hosters at will. It makes it even more difficult for law enforcers and security professionals to deal with a phenomenon that was already challenging enough. Is there any way to deal with the problem? Years ago hackers were little more than script kiddies who busied themselves in their bedrooms writing malicious code. They caused disruption for kicks, and their reward was kudos from the hacking community.