Autonomous Detection of Botnets Using Passive DNS Essay

1 Background
A botnet is a collection of compromised hosts (bots) under the control of a
common Command & Control (C&C). The C&C is used by a remote controller
to issue commands to the different infected hosts. A botnet may have several
purposes; the most common include Denial-of-Service (DoS) attacks, identity
theft, proxying, spreading of malware and spamming. Traditional ways to disrupt
such networks, such as Domain Name System Blacklists (DNSBLs) or firewalls,
rely on knowledge of the Internet address of the C&C.
The Domain Name System (DNS) is of paramount importance to the operation
of the Internet. It is responsible for translating human-friendly hostnames into IP
addresses. Botmasters make use of domain names to manage their distributed
network of bots. Furthermore, they take advantage of DNS agility (the ability to
quickly change the IP address associated with a domain name) to hide their C&C
and frustrate its detection. Such techniques include DGA [1] and Fast-Flux [4].
2 Research Questions
As mentioned above, attackers have been able to avoid the deployed detection/prevention
mechanisms by continuously updating the IP address of their C&C. This makes the
disruption of the botnet more difficult. In addition, techniques like Fast-Flux
or DGA take advantage of the fact that DNS services do not keep a history
of DNS requests: DNS data contains only the current value of each domain
name, which makes the identification of the botnet C&C even more difficult [5].
Passive DNS [6] helps in this case by storing all DNS answers that
pass through a deployed sensor in a database and allowing queries over that
data. Moreover, Passive DNS allows one to correlate DNS data over time, making
it possible to analyze the migration pattern of the botnet, ...
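
The passive DNS idea described above, as an added example that is not part of the original essay: a sensor-side store that keeps every (name, answer) pair with first-seen and last-seen times, plus a query that flags names whose answer history looks like Fast-Flux. The table layout, function names, thresholds and sample observations (reserved documentation addresses and `.example` names) are assumptions made for illustration.

```python
import sqlite3

def open_store():
    """In-memory passive DNS store: one row per (name, answer) pair."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pdns (rrname TEXT, rdata TEXT, min_ttl INTEGER,"
                 " first_seen INTEGER, last_seen INTEGER, hits INTEGER,"
                 " PRIMARY KEY (rrname, rdata))")
    return conn

def observe(conn, ts, rrname, rdata, ttl):
    """Record one DNS answer seen by the sensor at Unix time ts."""
    name = rrname.lower().rstrip(".")  # DNS names are case-insensitive
    cur = conn.execute(
        "UPDATE pdns SET first_seen = min(first_seen, ?), last_seen = max(last_seen, ?),"
        " min_ttl = min(min_ttl, ?), hits = hits + 1 WHERE rrname = ? AND rdata = ?",
        (ts, ts, ttl, name, rdata))
    if cur.rowcount == 0:  # first sighting of this (name, answer) pair
        conn.execute("INSERT INTO pdns VALUES (?, ?, ?, ?, ?, 1)", (name, rdata, ttl, ts, ts))

def history(conn, rrname):
    """Every answer ever seen for a name, oldest first (what live DNS cannot tell you)."""
    return conn.execute(
        "SELECT rdata, first_seen, last_seen, hits FROM pdns WHERE rrname = ? ORDER BY first_seen, rdata",
        (rrname.lower().rstrip("."),)).fetchall()

def flux_candidates(conn, min_ips=4, max_ttl=300):
    """Names with many distinct answers and a short TTL (illustrative thresholds)."""
    rows = conn.execute(
        "SELECT rrname FROM pdns GROUP BY rrname"
        " HAVING COUNT(*) >= ? AND MIN(min_ttl) <= ? ORDER BY rrname",
        (min_ips, max_ttl))
    return [r[0] for r in rows]

SAMPLE = [  # constructed observations: (unix_ts, name, A record, ttl)
    (1000, "static.example.", "192.0.2.10", 3600),
    (1000, "flux.example.", "198.51.100.1", 60),
    (1300, "flux.example.", "198.51.100.2", 60),
    (1600, "flux.example.", "203.0.113.3", 60),
    (1900, "flux.example.", "203.0.113.4", 60),
    (2200, "static.example.", "192.0.2.10", 3600),
    (2200, "Flux.Example.", "198.51.100.1", 60),
]

def load_sample():
    conn = open_store()
    for obs in SAMPLE:
        observe(conn, *obs)
    return conn
```

Many answers with a short TTL is also the normal profile of CDNs and load-balanced services, so names returned by `flux_candidates` are leads to investigate and need allowlisting or further features before they are treated as C&C.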


... middle of paper ...


...Berkeley, CA, USA, 2012. USENIX Association.
[2] M. Bailey, E. Cooke, F. Jahanian, Yunjing Xu, and M. Karir. A survey
of botnet technology and defenses. In Conference For Homeland Security,
2009. CATCH ’09. Cybersecurity Applications Technology, pages 299–304,
2009.
[3] Maryam Feily, Alireza Shahrestani, and Sureswaran Ramadass. A survey of
botnet and botnet detection. In Proceedings of the 2009 Third International
Conference on Emerging Security Information, Systems and Technologies,
SECURWARE ’09, pages 268–273. IEEE Computer Society, 2009.
[4] D.K. McGrath, A. Kalafut, and M. Gupta. Phishing infrastructure fluxes
all the way. Security Privacy, IEEE, 7(5):21–28, 2009.
[5] C. Schiller and J.R. Binkley. Botnets: The Killer Web Applications. Elsevier
Science, 2011.
[6] Florian Weimer. Passive DNS replication. In FIRST Conference on Computer
Security Incident, 2005.
