English
Related papers

Related papers: Detecting Botnets Through Log Correlation

200 papers

Botnets could autonomously infect, propagate, communicate and coordinate with other members in the botnet, enabling cybercriminals to exploit the cumulative computing and bandwidth of its bots to facilitate cybercrime. Traditional detection…

Cryptography and Security · Computer Science 2024-12-17 Biju Issac , Kyle Fryer , Seibu Mary Jacob

The paper presents the results obtained during research on detection of unsolicited e-mails which are sent by botnets. The distinction from most of the existing solutions is the fact that the presented approach is based on the analysis of…

Cryptography and Security · Computer Science 2019-03-28 Piotr Bazydło , Krzysztof Lasota , Adam Kozakiewicz

Most of today's security solutions, such as security information and event management (SIEM) and signature based IDS, require the operator to evaluate potential attack vectors and update detection signatures and rules in a timely manner.…

Cryptography and Security · Computer Science 2021-01-19 Markus Wurzenberger , Florian Skopik , Roman Fiedler , Wolfgang Kastner

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of…

Cryptography and Security · Computer Science 2021-04-16 Pedro Manso , Jose Moura , Carlos Serrao

Alert correlation is a system which receives alerts from heterogeneous Intrusion Detection Systems and reduces false alerts, detects high level patterns of attacks, increases the meaning of occurred incidents, predicts the future states of…

Cryptography and Security · Computer Science 2018-11-05 Seyed Ali Mirheidari , Sajjad Arshad , Rasool Jalili

We present a comprehensive study on applying machine learning to detect distributed Denial of service (DDoS) attacks using large-scale Internet of Things (IoT) systems. While prior works and existing DDoS attacks have largely focused on…

Cryptography and Security · Computer Science 2023-02-17 Arvin Hekmati , Nishant Jethwa , Eugenio Grippo , Bhaskar Krishnamachari

With a growing increase in botnet attacks, computer networks are constantly under threat from attacks that cripple cyber-infrastructure. Detecting these attacks in real-time proves to be a difficult and resource intensive task. One of the…

Cryptography and Security · Computer Science 2018-05-04 David Santana , Shan Suthaharan , Somya Mohanty

An Intrusion Detection System (IDS) is a software that monitors a single or a network of computers for malicious activities (attacks) that are aimed at stealing or censoring information or corrupting network protocols. Most techniques used…

Cryptography and Security · Computer Science 2015-05-12 Mahdi Zamani , Mahnush Movahedi

Insider threat is one of the most pernicious threat vectors to information and communication technologies (ICT)across the world due to the elevated level of trust and access that an insider is afforded. This type of threat can stem from…

Cryptography and Security · Computer Science 2021-02-11 Nidhi Rastogi , Qicheng Ma

Cybercrimes are becoming a bigger menace to both people and corporations. It poses a serious challenge to the modern digital world. According to a press release from 2019 Cisco and Cybersecurity Ventures, Cisco stopped seven trillion…

Cryptography and Security · Computer Science 2022-07-27 Khoh Choon Hwa , Selvakumar Manickam , Mahmood A. Al-Shareeda

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app…

Cryptography and Security · Computer Science 2017-06-09 Jorge Blasco , Thomas M. Chen , Igor Muttik , Markus Roggenbach

In this paper, we present MORTON, a method that identifies compromised devices in enterprise networks based on the existence of routine DNS communication between devices and disreputable host names. With its compact representation of the…

Cryptography and Security · Computer Science 2021-01-22 Yael Daihes , Hen Tzaban , Asaf Nadler , Asaf Shabtai

Peer-to-peer (P2P) botnets use decentralized command and control networks that make them resilient to disruptions. The P2P botnet overlay networks manifest structures in mutual-contact graphs, also called communication graphs, formed using…

Networking and Internet Architecture · Computer Science 2022-11-18 Harshvardhan P. Joshi , Rudra Dutta

Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet…

Cryptography and Security · Computer Science 2021-01-25 Constantinos Patsakis , Fran Casino

Over the past decade, the Cyberspace has seen an increasing number of attacks coming from botnets using the Peer-to-Peer (P2P) architecture. Peer-to-Peer botnets use a decentralized Command & Control architecture. Moreover, a large number…

Networking and Internet Architecture · Computer Science 2013-07-30 Sharath Chandra Guntuku , Pratik Narang , Chittaranjan Hota

Bots constitute a significant portion of Internet traffic and are a source of various issues across multiple domains. Modern bots often become indistinguishable from real users, as they employ similar methods to browse the web, including…

Machine Learning · Computer Science 2024-12-04 Jan Kadel , August See , Ritwik Sinha , Mathias Fischer

Logs have been an imperative resource to ensure the reliability and continuity of many software systems, especially large-scale distributed systems. They faithfully record runtime information to facilitate system troubleshooting and…

Software Engineering · Computer Science 2022-01-12 Zhuangbin Chen , Jinyang Liu , Wenwei Gu , Yuxin Su , Michael R. Lyu

Network intrusion detection sensors are usually built around low level models of network traffic. This means that their output is of a similarly low level and as a consequence, is difficult to analyze. Intrusion alert correlation is the…

Cryptography and Security · Computer Science 2010-07-05 Gianni Tedesco , Uwe Aickelin

Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16].With our work we demonstrate a feasible and fast way to…

Databases · Computer Science 2018-02-02 Timo Schindler

Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has…

Networking and Internet Architecture · Computer Science 2019-12-10 Jan Grashöfer , Christian Titze , Hannes Hartenstein