UMBC ebiquity

Detecting Botnets Using a Collaborative Situational-aware IDPS

Authors: M. Lisa Mathews, Anupam Joshi, and Tim Finin

Book Title: Second International Conference on Information Systems Security and Privacy

Date: February 19, 2016

Abstract: Botnet attacks turn susceptible victim computers into bots that perform various malicious activities while under the control of a botmaster. Some examples of the damage they cause include denial of service, click fraud, spamware, and phishing. These attacks can vary in the type of architecture and communication protocol used, which might be modified during the botnet lifespan. Intrusion detection and prevention systems are one way to safeguard the cyber-physical systems we use, but they have difficulty detecting new or modified attacks, including botnets. Only known attacks whose signatures have been identified and stored in some form can be discovered by most of these systems. Also, traditional IDPSs are point-based solutions incapable of utilizing information from multiple data sources and have difficulty discovering new or more complex attacks. To address these issues, we are developing a semantic approach to intrusion detection that uses a variety of sensors collaboratively. Leveraging information from these heterogeneous sources leads to a more robust, situational-aware IDPS that is better equipped to detect complicated attacks such as botnets.

Type: InProceedings

Tags: intrusion detection, situational-aware, botnet detection

Google Scholar: search

Number of downloads: 303


Available for download as

size: 656516 bytes