
Toward Proactive Mitigation of Advanced Multi-tier Botnets

Please make note of the following free online seminar. Information about how to join the session can be found on the website of the Commonwealth Graduate Engineering Program at http://cgep.virginia.gov/gmu_webinar.php

Speaker

Brent ByungHoon Kang, Ph.D.

Topic

Toward Proactive Mitigation of Advanced Multi-tier Botnets

Date and Time

February 8, 2012 from 5 pm – 6 pm

Abstract

In this talk I will present our ongoing efforts to mitigate advanced botnets. A botnet is a network of compromised machines, exploited to carry out malicious acts such as spam, phishing, denial of service attacks, and stealing sensitive data such as passwords and banking credentials. The detection and mitigation of these botnets have proven to be quite challenging. Malware authors, supported by a thriving underground economy, have demonstrated professional-quality sophistication in creating code highly adaptive to existing mitigation efforts.

We have explored a series of botnet mitigation approaches directed toward (i) creating new analysis and de-obfuscation methods to rapidly expose the botnets’ command and control protocols in a timely manner, (ii) in-depth analysis to explore the fundamental limits and weaknesses of the advanced botnet architecture, and (iii) designing an effective enumerator (or “mapping” of bot networks) to locate bot-infected hosts on the Internet.

Our research direction fundamentally differs from existing Intrusion Detection System (IDS) approaches. Unlike IDS, which is geared towards protecting local hosts within its perimeter, an enumerator will enable identification of both local and remote infections. Identifying remote infections is crucial, given that there are numerous computers on the Internet that are not under the protection of IDS-based systems. The resulting enumeration has been used for spam blocking, firewall configuration, DNS rewriting, and alerting sys-admins regarding local infections.

