download0 view161
twitter facebook

공공누리This item is licensed Korea Open Government License

Title
Advanced Bot Response Mechanism based on DNS Sinkhole
Author(s)
최장원박학수최상수
Publication Year
2011-07-18
Abstract
Malicious attacks in cyberspace have been continuously increasing. In particular, widely distributed bots are leading the cyber attacks such as distribute denial of service attack, spamming, critical information hijacking. Various technologies for bot detection and response are being developed, DNS-Sinkhole technique is known as the most effective way to respond to bot activities. However, legacy sinkhole system has a variety of limitations such as low accuracy and limited information, because it was developed for detection of early bot technology (IRC bot). In this paper, we propose an advanced bot response mechanism by using enhanced DNS-Sinkhole system. Especially, we focus on the improving of post-processing mechanism based on packet analysis. The proposed mechanism and system allow more efficient bot response by extending detection range and providing high detection accuracy.
Keyword
Bot detection; Packet analysis; Post-processing technique based on DNS-Sinkhole
Journal Title
Information : an international interdisciplinary journal
Citation Volume
14
ISSN
1343-4500
Files in This Item:
There are no files associated with this item.
Appears in Collections:
7. KISTI 연구성과 > 학술지 발표논문
URI
https://repository.kisti.re.kr/handle/10580/13946
http://www.ndsl.kr/ndsl/search/detail/article/articleSearchResultDetail.do?cn=NART57941185
Export
RIS (EndNote)
XLS (Excel)
XML

Browse