Polish Information Processing Society

Annals of Computer Science and Information Systems, Volume 10

Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering

A Framework on botnet detection and forensics


DOI: http://dx.doi.org/10.15439/2017R28

Citation: Proceedings of the Second International Conference on Research in Intelligent and Computing in Engineering, Vijender Kumar Solanki, Vijay Bhasker Semwal, Rubén González Crespo, Vishwanath Bijalwan (eds). ACSIS, Vol. 10, pages 93–101


Abstract. The use of the Internet on the domestic and corporate fronts has been increasing at a drastic rate. Each organization and enterprise exploits the Internet to the fullest extent based on its requirements. In almost all areas, the Internet has proved to be a boon. But sometimes it lands users in trouble because of unwanted and uninvited harmful software applications. Internet users face many types of threats and challenges, and of all of these, botnets hold the topmost position. Because of these prodigious threats, botnets are a rising area of research. A botnet works as a coordinated or synchronized activity in which different bots collectively participate to perform a malicious task. A botnet differs from other forms of malware in its capability to compromise computer systems or smartphones and set up a link with a command and control (C&C) server controlled by the bot controller. Because of the massive participation of compromised machines, the losses caused by a botnet attack are immeasurable. As a result, researchers are showing keen interest in the field of botnets. The trend shows that the number of research studies in this field has gone up at a tremendous rate in the past 5 to 10 years. The present paper proposes a framework to systematically identify the presence of a malicious bot, prevent it from spreading further, and perform its forensic investigation.
