Presentation is loading. Please wait.

Presentation is loading. Please wait.

Real-Time Botnet Command and Control Characterization at the Host Level 2013.10.24 JHEN-HUANG Gao.

Published byClare Reed Modified over 9 years ago

Similar presentations

Presentation on theme: "Real-Time Botnet Command and Control Characterization at the Host Level 2013.10.24 JHEN-HUANG Gao."— Presentation transcript:

1 Real-Time Botnet Command and Control Characterization at the Host Level 2013.10.24 JHEN-HUANG Gao

2  Title:  Real-Time Botnet Command and Control Characterization at the Host Level  Author & Institution :  Farhood Farid Etemad  Payam Vahdani  Publication:  6'th International Symposium on Telecommunications  Year: 2012  Cited (Google): 0 Basic Information 1/7

3  Introduction  Architecture  Detect bot  Real – Time Filtering  Conclusion Outline 2/7

4  Botnet 、 other kind of malwares  C&C is centralized or decentralized  Botnet can cause many problem  Normal solution Introduction 3/7

5  IRC protocol string  NICK 、 PASS 、 USER 、 JOIN 、 PRVIMSG 、 OPER 、 MOTD  ex Get me the file “website.html” ClientSever “Here is the file” followed by the file’s content  HTTP protocol  GET 、 POST 、 HEAD Architecture 4/7

6  IRC PART  Td>Tdh : normal IRC  Td<Tdh : malicious IRC  HTTP PART Detect bot 5/7

7  Filtering malicious traffic after detection Real – Time Filtering 6/7

8  Real-time‘s method :  Advantage  Find bot immediately  Simple to use  Weakness  Can’t be use on decentralized Conclusion 7/7

9 THANK YOU

Download ppt "Real-Time Botnet Command and Control Characterization at the Host Level 2013.10.24 JHEN-HUANG Gao."

Similar presentations

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.

Wenke Lee and Nick Feamster Georgia Tech Botnet and Spam Detection in High-Speed Networks.
MASK. Agenda Introduction –IRC prelude –What is IRC? –How does IRC work? Architecture –Client/Server –IRC commands –3 major types of communication on.

MASK. Agenda Introduction –IRC prelude –What is IRC? –How does IRC work? Architecture –Client/Server –IRC commands –3 major types of communication on.
MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer INSTRUCTOR: Dr.Cliff Zou PRESENTED BY : BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA.

MOSQUITO BREEDING ATTACK: Spread of bots using Peer To Peer INSTRUCTOR: Dr.Cliff Zou PRESENTED BY : BHARAT SOUNDARARAJAN & AMIT SHRIVATSAVA.
Active Botnet Probing to Identify Obscure Command and Control Channels Guofei Gu, Vinod Yegneswaran, Phillip Porras, Jennifer Stoll, and Wenke Lee Georgia.

Active Botnet Probing to Identify Obscure Command and Control Channels Guofei Gu, Vinod Yegneswaran, Phillip Porras, Jennifer Stoll, and Wenke Lee Georgia.
Title of Presentation Author 1, Author 2, Author 3, Author 4 Abstract Introduction This is my abstract. This is my abstract. This is my abstract. This.

Title of Presentation Author 1, Author 2, Author 3, Author 4 Abstract Introduction This is my abstract. This is my abstract. This is my abstract. This.
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
Wide-scale Botnet Detection and Characterization Anestis Karasaridis, Brian Rexroad, David Hoeflin.

Wide-scale Botnet Detection and Characterization Anestis Karasaridis, Brian Rexroad, David Hoeflin.
Botnet Dection system. Introduction  Botnet problem  Challenges for botnet detection.

Botnet Dection system. Introduction  Botnet problem  Challenges for botnet detection.
Threat infrastructure: proxies, botnets, fast-flux

Threat infrastructure: proxies, botnets, fast-flux
2009/9/151 Rishi : Identify Bot Contaminated Hosts By IRC Nickname Evaluation Reporter : Fong-Ruei, Li Machine Learning and Bioinformatics Lab In Proceedings.

2009/9/151 Rishi : Identify Bot Contaminated Hosts By IRC Nickname Evaluation Reporter : Fong-Ruei, Li Machine Learning and Bioinformatics Lab In Proceedings.
Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology USENIX Security '08 Presented by Lei Wu.

Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology USENIX Security '08 Presented by Lei Wu.
China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.

China Science & Technology Network Computer Emergency Response Team Botnet Detection and Network Security Alert Tao JING CSTCERT,CNIC.
SECURING NETWORKS USING SDN AND MACHINE LEARNING DRAGOS COMANECI –

SECURING NETWORKS USING SDN AND MACHINE LEARNING DRAGOS COMANECI –
Towards Network Containment in Malware Analysis Systems Authors: Mariano Graziano, Corrado Leita, Davide Balzarotti Source: Annual Computer Security Applications.

Towards Network Containment in Malware Analysis Systems Authors: Mariano Graziano, Corrado Leita, Davide Balzarotti Source: Annual Computer Security Applications.
B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel 434920317 1.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel
BotNet Detection Techniques By Shreyas Sali

BotNet Detection Techniques By Shreyas Sali
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.

Protecting Web 2.0 Services from Botnet Exploitations Cybercrime and Trustworthy Computing Workshop (CTC), 2010 Second Nguyen H Vo, Josef Pieprzyk Department.
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection Guofei Gu, Roberto Perdisci, Junjie Zhang, and.
Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.

Speaker:Chiang Hong-Ren Botnet Detection by Monitoring Group Activities in DNS Traffic.

Similar presentations

Ads by Google