The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Some botnets use special algorithms to generate the domain names they need to connect to their command and control servers. They are refereed as Domain Generation Algorithms. Domain Generation Algorithms generate domain names and tries to resolve their IP addresses. If the domain has an IP address, it is used to connect to that command and control server. Otherwise, the DGA generates a new domain...
HTTP botnets have been a major threat to cyber security in recent years. Fast-flux technique can be detrimental to botnet detection techniques based on traffic analysis, due to its ability to hide bot traffic among normal traffic. In this paper we propose a new approach to detect hosts infected by HTTP bots. Our technique will not only detect traditional HTTP botnets but also fast-flux botnet traffic...
In a large scale network, the privacy of the users and the performance are critical issues when conceiving a detection system, precisely for botnet detection where we need to differentiate between benign and malicious traffic. In this paper, we propose a new approach which conciliates these two requirements in order to detect domain-flux botnets and malicious servers controlling them. It relies on...
The presence of large pools of compromised computers, also known as botnets, or zombie armies, represents a very serious threat to Internet security. This paper describes the architecture of a contemporary advanced bot commonly known as Asprox. Asprox is a type of malware that combines the two threat vectors of forming a botnet and of generating SQL injection attacks. The main features of the Asprox...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.