Detection of IRC Botnet C&C channels using the instruction syntax

Hongli Zhang

首页> 外文期刊>Consultant. >Detection of IRC Botnet C&C channels using the instruction syntax

【24h】

Detection of IRC Botnet C&C channels using the instruction syntax

机译：使用指令语法检测IRC Botnet C＆C信道

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

? 2017, Tsinghua University Press. All right reserved. ? 2017, Tsinghua University Press. All right reserved. The command and control (C&C) channel is a unique way that a Internet relay chat (IRC) Botnet sends commands to control the Botnet. This study analyzed the syntax characteristics of the control command to develop a method to detect the control command channel. A creditable coefficient was defined to describe the possibility of a sentence in a channel being a Botnet control command. An improved threshold random walk (TRW) algorithm was used with the creditable coefficients to accelerate the C&C channel detection. Tests show that this method can efficiently detect Botnet C&C channels. The command and control (C&C) channel is a unique way that a Internet relay chat (IRC) Botnet sends commands to control the Botnet. This study analyzed the syntax characteristics of the control command to develop a method to detect the control command channel. A creditable coefficient was defined to describe the possibility of a sentence in a channel being a Botnet control command. An improved threshold random walk (TRW) algorithm was used with the creditable coefficients to accelerate the C&C channel detection. Tests show that this method can efficiently detect Botnet C&C channels.

机译：还2017年，清华大学出版社。保留所有权利。还2017年，清华大学出版社。保留所有权利。命令和控制（C）通道是一种独特的方式，即互联网中继聊天（IRC）僵尸网络发送命令来控制僵尸网络。本研究分析了控制命令的语法特征，以开发一种检测控制命令信道的方法。定义可信系数以描述频道中的句子是僵尸网络控制命令的可能性。改进的阈值随机步行（TRW）算法与可信系数一起使用以加速C＆amp; C通道检测。测试表明，该方法可以有效地检测僵尸网络C＆amp; C通道。命令和控制（C＆C）通道是一个独特的方式，即互联网中继聊天（IRC）僵尸网络发送命令来控制僵尸网络。本研究分析了控制命令的语法特征，以开发一种检测控制命令信道的方法。定义可信系数以描述频道中的句子是僵尸网络控制命令的可能性。改进的阈值随机步行（TRW）算法与可信系数一起使用以加速C＆C信道检测。测试表明，此方法可以有效地检测僵尸网络C＆C通道。

著录项

来源
《Consultant.》 |2017年第9期|共7页
作者
Hongli Zhang;
展开▼
作者单位

School of Computer Science and Technology;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类医药、卫生;
关键词
Botnet; Instruction syntax; Threshold random walk (TRW);

机译：僵尸网络;指令语法;阈值随机步行（TRW）;

相似文献

外文文献
中文文献
专利

1. Detection of IRC Botnet C&C channels using the instruction syntax [J] . Hongli Zhang Consultant. . 2017,第9期

机译：使用指令语法检测IRC Botnet C＆C信道
2. Lightweight C&C based botnet detection using Aho-Corasick NFA [J] . Udhayan J, Anitha R, Hamsapriya T International Journal of Network Security & Its Applications . 2010,第4期

机译：使用Aho-Corasick NFA进行轻量级基于C＆C的僵尸网络检测
3. BotMosaic: Collaborative network watermark for the detection of IRC-based botnets [J] . Amir Houmansadr, Nikita Borisov The Journal of Systems and Software . 2013,第3期

机译：BotMosaic：用于检测基于IRC的僵尸网络的协作网络水印
4. Detection of Covert Botnet Command and Control Channels by Causal Analysis of Traffic Flows [C] . Pieter Burghouwt, Marcel Spruit, Henk Sips International symposium on cyberspace safety and security . 2013

机译：交通流因果分析对秘密僵尸网络指挥控制通道的检测
5. The Use of Data Exfiltration and Malware C&C Over Covert Channels [D] . Tait, Nick 2019

机译：在隐蔽渠道上使用数据泄露和恶意软件C＆C
6. Indoor Motion Detection Using Wi-Fi Channel State Information in Flat Floor Environments Versus in Staircase Environments [O] . Zehua Dong, Fangmin Li, Julang Ying, 2018

机译：在平坦地板环境中和楼梯环境中使用Wi-Fi通道状态信息进行室内运动检测
7. Botnets Detection Based on IRC-Community [O] . Wei Lu, Ali A. Ghorbani 2015

机译：基于IRC社区的僵尸网络检测
8. Preliminary Investigation of the NAS Stage a Backup Channel as Related to the Resolution and Detection of Aircraft [R] . Chapman, C. 1968

机译：Nas阶段与飞机分辨率检测相关的后备通道初步研究

Detection of IRC Botnet C&C channels using the instruction syntax

摘要

著录项

相似文献

相关主题

期刊订阅