Botnet Detection with Event-Driven Analysis
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Lüning Secure Solution AB, Uppsala, Sweden.
2013 (English)
In: Procedia Computer Science, ISSN 1877-0509, E-ISSN 1877-0509, Vol. 22, 662-671 p.
Article in journal (Refereed) Published
Abstract [en]

Due to their huge impact on businesses, botnets are recognized as one of the most serious security threats. Malicious entities use various techniques to conceal themselves and remain undetected during the proliferation of malware from computer to computer. Detection of a botnet is commonly performed in one of two ways: by using antivirus software or by analysing logged network data. However, antivirus software usually detects only malware that is already known and has been analysed, which is the main drawback of that approach given the constant evolution of malware. Analysis of logged network data does not by itself reveal botnet activities; it requires knowledge about botnets and about which type of data to look for within the collected log. Thus, significant information can be overlooked and missed. In this paper, we propose event-driven log analysis software that enables detection of botnet activities and indicates whether end-user machines have become members of a botnet. Moreover, to optimize the software's functionality we performed an experiment that demonstrates how the infected hosts of a botnet communicate with each other and with the command and control server. The experiment and its results are presented in this paper.
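The abstract describes event-driven analysis of firewall logs but the record carries none of the software's rules. The Python below is an added example and not the paper's code: it turns each firewall log line into a connection event, dispatches the event to two detectors, and reports internal hosts that check in with a near-constant interval to a destination that other internal hosts also contact. The log line format, the 10.0.0.0/8 internal range, the thresholds (four events, 20% jitter, two hosts) and the sample log lines are all constructed assumptions.

```python
"""Event-driven firewall-log analysis for botnet beaconing (added example; format, ranges, thresholds assumed)."""
import ipaddress
import re
import statistics
from collections import defaultdict, namedtuple
from datetime import datetime

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed LAN range
# Assumed line format: <ISO time> <ACCEPT|DROP> <src>:<sport> -> <dst>:<dport> <proto>
LINE_RE = re.compile(r"^(\S+) (ACCEPT|DROP) ([\d.]+):(\d+) -> ([\d.]+):(\d+) (\w+)$")
ConnEvent = namedtuple("ConnEvent", "ts action src sport dst dport proto")


def parse_line(line):
    """Turn one firewall log line into a ConnEvent, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, action, src, sport, dst, dport, proto = m.groups()
    return ConnEvent(datetime.fromisoformat(ts), action, src, int(sport), dst, int(dport), proto)


def is_outbound(ev):
    """Accepted connection from the LAN to an external address."""
    return (ev.action == "ACCEPT"
            and ipaddress.ip_address(ev.src) in INTERNAL_NET
            and ipaddress.ip_address(ev.dst) not in INTERNAL_NET)


class BeaconDetector:
    """Flags (src, dst, dport) flows that recur at a near-constant interval."""
    def __init__(self, min_events=4, max_jitter=0.2):
        self.min_events, self.max_jitter = min_events, max_jitter
        self.last_seen, self.intervals, self.alerts = {}, defaultdict(list), set()

    def __call__(self, ev):
        if not is_outbound(ev):
            return
        key = (ev.src, ev.dst, ev.dport)
        if key in self.last_seen:
            self.intervals[key].append((ev.ts - self.last_seen[key]).total_seconds())
        self.last_seen[key] = ev.ts
        iv = self.intervals[key]
        if len(iv) + 1 >= self.min_events:
            mean = statistics.mean(iv)
            # low coefficient of variation: a timer-driven check-in rather than a human browsing
            if mean > 0 and statistics.pstdev(iv) / mean <= self.max_jitter:
                self.alerts.add(key)


class SharedDestinationDetector:
    """Flags an external dst:port that several LAN hosts contact (a possible C2 rendezvous)."""
    def __init__(self, min_hosts=2):
        self.min_hosts, self.clients, self.alerts = min_hosts, defaultdict(set), set()

    def __call__(self, ev):
        if not is_outbound(ev):
            return
        hosts = self.clients[(ev.dst, ev.dport)]
        hosts.add(ev.src)
        if len(hosts) >= self.min_hosts:
            self.alerts.add((ev.dst, ev.dport))


def analyze(lines):
    """Publish each parsed line to every detector, then correlate their alerts."""
    beacon, shared = BeaconDetector(), SharedDestinationDetector()
    handlers = [beacon, shared]  # the event bus: every handler sees every event in log order
    for line in lines:
        ev = parse_line(line)
        if ev is not None:
            for handler in handlers:
                handler(ev)
    # A LAN host is reported as a likely bot when it beacons to a destination other hosts also use.
    members = sorted({src for (src, dst, dport) in beacon.alerts if (dst, dport) in shared.alerts})
    return {"beacons": beacon.alerts, "shared": shared.alerts, "members": members}


# Constructed sample log: 10.0.0.5 and 10.0.0.9 check in with 203.0.113.7:443 about once a minute,
# 10.0.0.5 also browses 203.0.113.20:80 irregularly, 10.0.0.12 contacts the same address only once.
SAMPLE_LOG = [
    "2013-09-09T10:00:00 ACCEPT 10.0.0.5:51000 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:00:10 ACCEPT 10.0.0.5:51001 -> 203.0.113.20:80 tcp",
    "2013-09-09T10:00:20 ACCEPT 10.0.0.5:51002 -> 203.0.113.20:80 tcp",
    "2013-09-09T10:00:30 ACCEPT 10.0.0.9:40200 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:01:00 ACCEPT 10.0.0.5:51003 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:01:30 ACCEPT 10.0.0.9:40201 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:02:00 ACCEPT 10.0.0.5:51004 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:02:15 DROP 203.0.113.50:4444 -> 10.0.0.5:22 tcp",
    "2013-09-09T10:02:32 ACCEPT 10.0.0.9:40202 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:02:40 ACCEPT 10.0.0.5:51005 -> 10.0.0.1:53 udp",
    "2013-09-09T10:03:00 ACCEPT 10.0.0.5:51006 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:03:10 ACCEPT 10.0.0.12:33000 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:03:30 ACCEPT 10.0.0.9:40203 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:04:00 ACCEPT 10.0.0.5:51007 -> 203.0.113.7:443 tcp",
    "2013-09-09T10:05:20 ACCEPT 10.0.0.5:51008 -> 203.0.113.20:80 tcp",
    "2013-09-09T10:06:05 ACCEPT 10.0.0.5:51009 -> 203.0.113.20:80 tcp",
]

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

On the sample, the two hosts checking in every minute are reported as members, the irregular web browsing by 10.0.0.5 is not flagged as a beacon, and 10.0.0.12 counts toward the shared destination but is not a member because it produced no interval series. Correlating the two detectors is what keeps a single host's regular polling of a legitimate service (a mail client, an NTP query) from being reported on its own.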

Place, publisher, year, edition, pages
2013. Vol. 22, 662-671 p.
Keyword [en]
Log analysis, botnet, firewall log, network analysis
National Category
Information Systems
Research subject
Computer and Systems Sciences
URN: urn:nbn:se:su:diva-114698
DOI: 10.1016/j.procs.2013.09.147
OAI: diva2:793804
17th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems, 9 - 11 September 2013, Kitakyushu, Japan
Available from: 2015-03-09 Created: 2015-03-09 Last updated: 2016-04-05 Bibliographically approved

Author
Moradian, Esmiralda