Detection and prevention of botnets and malware in an enterprise network
Online publication date: Sun, 11-Jan-2015
by Manoj Rameshchandra Thakur; Divye Raj Khilnani; Kushagra Gupta; Sandeep Jain; Vineet Agarwal; Suneeta Sane; Sugata Sanyal; Prabhakar S. Dhekne
International Journal of Wireless and Mobile Computing (IJWMC), Vol. 5, No. 2, 2012
Abstract: One of the most significant threats faced by enterprise networks is from bots. A bot is a program that operates as an agent for a user and runs simulated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of bots in a network, used for malicious purposes, is referred to as a botnet. Our proposed novel approach can detect and combat bots, adopting a two-pronged strategy, using a stand-alone and a network algorithm. The stand-alone algorithm, which runs independently on each node of the network, monitors active processes on the node and triggers the network algorithm when a suspicious process is identified. The network algorithm will then analyse conversations to and from the hosts to deduce the bot pattern and bot signatures which can subsequently be used by the stand-alone algorithm to thwart bot processes at their very onset.