Characterizing Botnet In P2P Network For UDP Protocol

In modem society, an extensive range of business, infrastructure, and human needs, such as communications, utilities, banks, and leisure services are now provided by systems that rely on the secure and efficient operation of computer networks. As networks increase in size and complexity, a thorou...

全面介紹

Saved in:
書目詳細資料
主要作者: Noor Zuraidin, Mohd Safar
格式: Thesis
語言:English
English
出版: 2011
主題:
在線閱讀:http://eprints.utem.edu.my/id/eprint/7072/1/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_Full_Text.pdf
http://eprints.utem.edu.my/id/eprint/7072/2/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_24_Pages.pdf
http://eprints.utem.edu.my/id/eprint/7072/
http://library.utem.edu.my:8000/elmu/index.jsp?module=webopac-d&action=graphicFullDisplayRetriever.jsp&szMaterialNo=0000070839
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
實物特徵
總結:In modem society, an extensive range of business, infrastructure, and human needs, such as communications, utilities, banks, and leisure services are now provided by systems that rely on the secure and efficient operation of computer networks. As networks increase in size and complexity, a thorough understanding of their behavior is crucial to protect them from security threats. One of the threats to the network today is the threat of Botnet. This study will carry out the characterizing botnet in computer networks. In the beginning of the study, botnet architecture, behaviour, topology and mechanism are discussed. To analyze the characteristic, behaviour or pattern of the botnet base on the network traffic, a proper network analyzing tools is needed. Several network analysis tools available today are use for the analysis process of the network traffic. In the analysis phase, the botnet detection strategies base on the signature and DNS anomaly approach are selected to identify the behaviour and the characteristic of the botnet. In anomaly approach most of the behavioral and characteristic identification of the botnet is done by comparing between the normal and abnormal traffic. The main focus of the network analysis is studied on UDP protocol network traffic. Based on the analysis of the network traffic, the following anomalies are identified, abnormal DNS packet request, the NetBIOS attack, abnormal DNS MX query, DNS amplification attack and UDP flood attack. During the analysis process, the irregularity of the network traffic behaviour shows the characteristic of the botnet are existed in the network. The identified characteristic of the botnet can be used for future detection tools and mitigation of the botnet.