Detection and prevention of botnets and malware in an enterprise network
by Manoj Rameshchandra Thakur; Divye Raj Khilnani; Kushagra Gupta; Sandeep Jain; Vineet Agarwal; Suneeta Sane; Sugata Sanyal; Prabhakar S. Dhekne
International Journal of Wireless and Mobile Computing (IJWMC), Vol. 5, No. 2, 2012

Abstract: One of the most significant threats faced by enterprise networks is from bots. A bot is a program that operates as an agent for a user and runs simulated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of bots in a network, used for malicious purposes, is referred to as botnet. Our proposed novel approach can detect and combat bots, adopting a two-pronged strategy, using a stand-alone and a network algorithm. The stand-alone algorithm, which runs independently on each node of the network, monitors active processes on the node and triggers the network algorithm when a suspicious process is identified. The network algorithm will then analyse conversations to and from the hosts to deduce the bot pattern and bot signatures which can subsequently be used by the stand-alone algorithm to thwart bot processes at their very onset.

Online publication date: Sun, 11-Jan-2015

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Wireless and Mobile Computing (IJWMC):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?

Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email