文章基本信息

标题：A survey on real world botnets and detection mechanisms
本地全文：下载
作者：Somayeh Soltani ; Seyed Amin Hosseini Seno ; Maryam Nezhadkamali 等
期刊名称：International Journal of Information and Network Security (IJINS)
印刷版ISSN：2089-3299
出版年度：2014
卷号：3
期号：2
页码：116-127
语种：English
出版社：Institute of Advanced Engineering and Science
摘要：Mitigating the destructive effect of botnets is a concern of security scholars. Though various mechanisms are proposed for botnets detection, real world botnets still survive and do their harmful operations. Botnets have developed new evasion techniques and covert communication channels. Knowing the characteristics of real world botnets helps security researchers in developing more robust detection methods. There are some surveys in the literature that study botnet detection methods; however they do not advert to real world botnets a lot. In this paper, we study various aspects of several real world botnets, i.e. Conficker, Kraken, Rustock, Storm, TDL4, Torpig, Waledac, Zeus and P2P Zeus. Architecture, protocol, type of infection, communication interval, attacks and evasion techniques of these botnets are probed in this paper. Moreover, studies on mitigation and detection of various aspects of botnets and new trends in botnet communication channels are reviewed.