http://dx.doi.org/10.13067/JKIECS.2013.8.11.1849

A Study of Command & Control Server through Analysis - DNS query log  

Cheon, Yang-Ha (Yongin University)
Publication Information
The Journal of the Korea Institute of Electronic Communication Sciences / v.8, no.12, 2013, pp. 1849-1856
Abstract
A DoS attack, short for Denial of Service attack, is an Internet intrusion technique that disrupts service availability for legitimate users. To respond to DDoS attacks, many methods focusing on the attack source, the target and the intermediate network have been proposed, but there has not been a clear solution. In this paper, we propose the prevention of malicious activity and early detection of DDoS attacks by detecting and removing the activity of botnets or other malicious code. For this purpose, the proposed method monitors network traffic, especially DNS traffic, that originates from botnets or malicious code.
Keywords
Command and control server; DNS query; DDoS Defense; botnet; C&C Server;
Citations & Related Records
Times Cited By KSCI: 3