Deakin University
File(s) under permanent embargo

A survey on latest botnet attack and defense

conference contribution
posted on 2011-01-01, 00:00 authored by L Zhang, Shui Yu, Di Wu, P Watters
A botnet is a group of compromised computers that are remotely controlled by hackers to launch various network attacks, such as DDoS attacks and information phishing. Botnets have become a popular and productive tool behind many cyber attacks. Recently, the owners of some botnets, such as Storm Worm, Torpig and Conficker, have been employing fluxing techniques to evade detection. Therefore, understanding their fluxing tricks is critical to successfully defending against botnet attacks. Motivated by this, we survey the latest botnet attacks and defenses in this paper. We begin by introducing the principles of fast fluxing (FF) and domain fluxing (DF), and explain how these techniques were employed by botnet owners to fly under the radar. Furthermore, we investigate the state-of-the-art research on fluxing detection. We also compare and evaluate those fluxing detection methods by multiple criteria. Finally, we discuss future directions on fighting against botnet-based attacks.

History

Event

International Conference on Trust, Security and Privacy in Computing and Communications (10th : 2011 : Changsha, China)

Pagination

53 - 60

Publisher

IEEE

Location

Changsha, China

Place of publication

[Changsha, China]

Start date

2011-11-16

End date

2011-11-18

ISBN-13

9780769546001

Language

eng

Publication classification

E1 Full written paper - refereed

Copyright notice

2011, IEEE

Title of proceedings

TRUSTCOM 2011 : International Conference on Trust, Security and Privacy in Computing and Communications
