This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Bailey et al. The Internet motion sensor: A distributed blackhole monitoring system. In Proc. of NDSS, 2005.
James Binkley and Suresh Singh. An algorithm for anomaly-based botnet detection. In Proceedings of Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI ’06), 2006.
E. Cooke, F. Jahanian, and D. McPherson. The zombie roundup: Understanding, detecting, and disrupting botnets. In Proceedings of USENIX Workshop on Steps to Reducing Unwanted Traffic on the Internet, July 2005.
W. Cui et al. GQ: Realizing a system to catch worms in a quarter million places. Technical Report TR-06-004, ICSI, 2006.
D. Dagon, C. Zou, and W. Lee. Modeling botnet propagation using time zones. In Proceedings of the 13th Network and Distributed System Security Symposium (NDSS’06), 2006.
Neil Daswani, Michael Stoppelman, the Google Click Quality, and Inc Security Teams, Google. The anatomy of Clickbot.A. In USENIX First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.
Julian Grizzard, Vikram Sharma, Chris Nunnery, Brent ByungHoon Kang, and David Dagon. Peer-to-peer botnets: Overview and case study. In USENIX First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.
Christopher W. Hanna. Using snort to detect rogue irc bot programs, Oct 2004. http://www.giac.org/certified_professionals/practicals/gsec/4095.php.
J. Kannan et al. Semi-automated discovery of application session structure. In Proc. of ACM IMC, 2006.
R. Pang et al. Characteristics of Internet background radiation. In Proc. of ACM IMC, 2004.
V. Paxson. Bro: A system for detecting network intruders in real-time. Computer Networks, 31, 1999.
The Honeynet Project and Research Alliance. Know your enemy: Tracking botnets. http://honeynet.org/papers/bots, March 2005.
N. Provos. A virtual honeypot framework. In Proc. of USENIX Security, 2004.
Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang, and Nagendra Modadugu. The ghost in the browser: Analysis of web-based malware. In USENIX First Workshop on Hot Topics in Understanding Botnets (HotBots), 2007.
Moheeb A. Rajab, Jay Zarfoss, Fabian Monrose, and Andreas Terzis. A multifaceted approach to understanding the botnet phenomenon. In Proc. of ACM/USENIX IMC, 2006.
Anirudh Ramachandran and Nick Feamster. Understanding the network-level behavior of spammers. In Proceedings of ACM SIGCOMM ’06, September 2006.
Anirudh Ramachandran, Nick Feamster, and David Dagon. Revealing botnet membership using DNSBL counter-intelligence. In Proceedings of Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI ’06), 2006.
M. Vrable et al. Scalability, fidelity, and containment in the potemkin virtual honeyfarm. In Proc. of SOSP, 2005.
V. Yegneswaran, Paul Barford, and Vern Paxson. Using honeynets for Internet situational awareness. In In Proc. of ACM Hotnets IV, 2005.
V. Yegneswaran et al. On the design and use of Internet sinks for network abuse monitoring. In Proc. of RAID, 2004.
Michal Zalewski. the new p0f. http://lcamtuf.coredump.cx/p0f.shtml.
Cliff C. Zou et al. Monitoring and early warning for Internet worms. In Prof. of ACM CCS, 2003.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Li, Z., Goyal, A., Chen, Y. (2008). Honeynet-based Botnet Scan Traffic Analysis. In: Lee, W., Wang, C., Dagon, D. (eds) Botnet Detection. Advances in Information Security, vol 36. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-68768-1_2
Download citation
DOI: https://doi.org/10.1007/978-0-387-68768-1_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-68766-7
Online ISBN: 978-0-387-68768-1
eBook Packages: Computer ScienceComputer Science (R0)