Proactive Botnet Detection and Defense at Internet scale

Abstract

Botnets provide the basis for various cyber-threats. However, setting up a complex botnet infrastructure often involves registration of domain names in the domain name system (DNS). Active as well as passive monitoring approaches can be used in the detection of domains that are registered for botnets and other malicious activities. We present a novel architecture for proactive botnet detection and defense based on large-scale DNS measurement and smart pattern recognition using machine learning.

Original language: Undefined
Number of pages: 1
State: Published - Apr 2016

Fingerprint

Pattern recognition
Learning systems
Monitoring

Keywords

  • cybercrime
  • Active and Passive Measurement
  • EWI-27845
  • DNS
  • Internet Threats
  • Detection and Defence
  • Machine Learning
  • Botnet

Cite this

Dietz, Christian; Sperotto, Anna; Pras, Aiko; Dreo, G. / Proactive Botnet Detection and Defense at Internet scale. 2016.

Research output: Other research output › Poster

@misc{ebe96a4aeb8743c4aa662739ac5f3c79,
title = "Proactive Botnet Detection and Defense at Internet scale",
abstract = "Botnets provide the basis for various cyber-threats. However, setting up a complex botnet infrastructure often involves registration of domain names in the domain name system (DNS). Active as well as passive monitoring approaches can be used in the detection of domains that are registered for botnets and other malicious activities. We present a novel architecture for proactive botnet detection and defense based on large-scale DNS measurement and smart pattern recognition using machine learning.",
keywords = "cybercrime, Active and Passive Measurement, EWI-27845, DNS, Internet Threats, Detection and Defence, Machine Learning, Botnet",
author = "Christian Dietz and Anna Sperotto and Aiko Pras and G. Dreo",
year = "2016",
month = "4",

}
