AZERBAIJAN NATIONAL ACADEMY OF SCIENCES
BOTNETS AND METHODS FOR THEIR DETECTION (in Azerbaijani)
İmamverdiyev Yadigar N., Qarayeva Gülnarə B.

Botnets occupy an important place in cyber-attack infrastructure. A botnet is a network consisting of infected computers and the C&C servers used by the botmasters who control them. Sometimes millions of computers are drawn into such a network. Botnets evolve constantly: their structure, the protocols they use, their infection methods and their attack objectives keep changing. The article examines the architecture, classification and detection methods of botnets (100-111).

Keywords: botnet, C&C server, honeypot, DDoS attack, botnet detection methods.
DOI: 10.25045/jpit.v08.i1.11