Title page for etd-0813110-025210



URN etd-0813110-025210
Author Ming-Zong Huang
Author's Email Address Not public.
Statistics This thesis has been viewed 5644 times and downloaded 11 times.
Department Information Management
Year 2009
Semester 2
Degree Master
Type of Document
Language zh-TW.Big5 Chinese
Title Hybrid Botnet Detection
Date of Defense 2010-07-15
Page Count 79
Keyword
  • Botnet
  • Web-based Botnet
  • Fast Flux Domain
Abstract There are three main types of Botnet: IRC-based Botnet, P2P-based Botnet, and Web-based Botnet, and they have recently become a major threat to the Internet. Web-based Botnet is popular and more harmful to users. The architecture of Web-based Botnet is simpler than that of P2P-based Botnet, and its malicious traffic can be hidden in a large volume of normal traffic. In this study, we built an experimental environment that uses malicious bot programs to detect suspicious traffic and malware features.
    Besides network attacks and identity theft, Botnet can also be used by hackers to extend the lifetime of rogue websites by combining it with Fast Flux Domain technology. Botnet and Fast Flux Domain technology are closely linked in the real world. Both Web-based Botnet and Fast Flux Domain technology use the HTTP protocol to communicate, and Botnet provides a large number of infected hosts to serve as Fast Flux Agents, which act as relay stations that block the direct link between clients and malicious websites while still completing the connection between them.
    This research focuses not only on the analysis and detection of Web-based Botnet but also on the impact of Fast Flux Domain technology. We expect to clarify the architecture of Botnet and Fast Flux Domain technology, and to make the detection mechanism more precise.
Advisory Committee
  • D. J. Guan - chair
  • Chun-I Fan - co-chair
  • Chia-Mei Chen - advisor
Files
  • etd-0813110-025210.pdf
  • In-campus access in a year; off-campus not accessible
Date of Submission 2010-08-13
