Characterizing Botnet In P2P Network For UDP Protocol

In modern society, an extensive range of business, infrastructure, and human needs, such as communications, utilities, banks, and leisure services, are now provided by systems that rely on the secure and efficient operation of computer networks. As networks increase in size and complexity, a thorou...

Bibliographic Details
Main Author: Noor Zuraidin, Mohd Safar
Format: Thesis
Language: English
Published: 2011
Subjects:
Online Access: http://eprints.utem.edu.my/id/eprint/7072/1/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_Full_Text.pdf
http://eprints.utem.edu.my/id/eprint/7072/2/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_24_Pages.pdf
http://eprints.utem.edu.my/id/eprint/7072/
http://library.utem.edu.my:8000/elmu/index.jsp?module=webopac-d&action=graphicFullDisplayRetriever.jsp&szMaterialNo=0000070839
id my.utem.eprints.7072
record_format eprints
spelling my.utem.eprints.7072 2015-05-28T03:46:53Z http://eprints.utem.edu.my/id/eprint/7072/ Characterizing Botnet In P2P Network For UDP Protocol Noor Zuraidin, Mohd Safar T Technology (General) TK Electrical engineering. Electronics Nuclear engineering 2011 Thesis NonPeerReviewed application/pdf en http://eprints.utem.edu.my/id/eprint/7072/1/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_Full_Text.pdf application/pdf en http://eprints.utem.edu.my/id/eprint/7072/2/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_24_Pages.pdf Noor Zuraidin, Mohd Safar (2011) Characterizing Botnet In P2P Network For UDP Protocol. Masters thesis, UTeM. http://library.utem.edu.my:8000/elmu/index.jsp?module=webopac-d&action=graphicFullDisplayRetriever.jsp&szMaterialNo=0000070839
institution Universiti Teknikal Malaysia Melaka
building UTEM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknikal Malaysia Melaka
content_source UTEM Institutional Repository
url_provider http://eprints.utem.edu.my/
language English
topic T Technology (General)
TK Electrical engineering. Electronics Nuclear engineering
description In modern society, an extensive range of business, infrastructure, and human needs, such as communications, utilities, banks, and leisure services, are now provided by systems that rely on the secure and efficient operation of computer networks. As networks increase in size and complexity, a thorough understanding of their behaviour is crucial to protect them from security threats. One of the threats to networks today is the botnet. This study characterizes botnets in computer networks. At the beginning of the study, botnet architecture, behaviour, topology and mechanisms are discussed. To analyze the characteristics, behaviour or patterns of a botnet based on network traffic, proper network analysis tools are needed. Several network analysis tools available today are used to analyze the network traffic. In the analysis phase, botnet detection strategies based on the signature and DNS anomaly approaches are selected to identify the behaviour and characteristics of the botnet. In the anomaly approach, most of the behavioural and characteristic identification of the botnet is done by comparing normal and abnormal traffic. The network analysis focuses mainly on UDP network traffic. Based on the analysis of the network traffic, the following anomalies are identified: abnormal DNS packet request, the NetBIOS attack, abnormal DNS MX query, DNS amplification attack and UDP flood attack. During the analysis process, the irregularity of the network traffic behaviour shows that the characteristics of a botnet exist in the network. The identified characteristics of the botnet can be used for future detection tools and mitigation of the botnet.
format Thesis
author Noor Zuraidin, Mohd Safar
title Characterizing Botnet In P2P Network For UDP Protocol
publishDate 2011
url http://eprints.utem.edu.my/id/eprint/7072/1/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_Full_Text.pdf
http://eprints.utem.edu.my/id/eprint/7072/2/Characterizing_Botnet_In_P2P_Network_For_UDP_Protocol_24_Pages.pdf
http://eprints.utem.edu.my/id/eprint/7072/
http://library.utem.edu.my:8000/elmu/index.jsp?module=webopac-d&action=graphicFullDisplayRetriever.jsp&szMaterialNo=0000070839