IJCATR Volume 4 Issue 2

Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks

R. Kannan, A.V. Ramani
10.7753/IJCATR0402.1004
Keywords: IRC, IDS, Anomaly, Countermeasure, Denial of Service.

Among the various forms of malware attacks, Denial of Service, sniffers and buffer overflows are the most dreaded threats to computer networks. These attacks are known as botnet attacks; they are self-propagating in nature and act as an agent or user interface to control the computers they attack. To control the malware, bot herder(s) use a program to control remote systems over the Internet with the help of zombie systems. Botnets are collections of compromised computers (bots) that are remotely controlled by their originator (bot-master) under a common Command-and-Control (C&C) structure. A server sends commands to the bots and the botnet and receives reports from the bots. The bots use Trojan horses and subsequently communicate with a central server using IRC. Botnets employ different techniques, such as honeypots and communication protocols (e.g. HTTP and DNS), to intrude into new systems at different stages of their lifecycle. Identifying botnets has therefore become very challenging, because botnets periodically upgrade their methods of affecting networks. Here, the focus is on addressing the botnet detection problem in an enterprise network. This research introduces a novel solution, called Malware Hunter, to mitigate the malicious activities of botnet attacks through principal component analysis of the traffic data, measurement, and a countermeasure selection mechanism. The system is built on attack graph-based analytical models based on a classification process and is reconfigurable through update solutions to virtual network-based countermeasures.
@article{r422015ijcatr04021004,
  Title = "Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks",
  Journal = "International Journal of Computer Applications Technology and Research (IJCATR)",
  Volume = "4",
  Issue = "2",
  Pages = "103 - 107",
  Year = "2015",
  Author = "R. Kannan and A.V. Ramani"}