ETRI-Knowledge Sharing Platform


Details

Conference Paper: Study of Host-Based Cyber Attack Precursor Symptom Detection Algorithm
Authors
송재구, 김종현, 서동일, 소우영, 김석수
Publication date
201012
Source
International Conference on Future Generation Communication and Networking (FGCN) 2010 (CCIS 120), v.120, pp.268-275
DOI
https://dx.doi.org/10.1007/978-3-642-17604-3_32
Funded project
10MS4800, Development of an Integrated Security Control System Based on Global Cooperation, 김종현
Abstract
Botnet-based cyber attacks cause large-scale damage with increasingly intelligent tools, which has called for varied research on bot detection. In this study, we developed a method of monitoring behaviors of host-based processes from the point that a bot header attempts to make zombie PCs, detecting cyber attack precursor symptoms. We designed an algorithm that figures out characteristics of botnet which attempts to launch malicious behaviors by means of signature registration, which is for process/reputation/network traffic/packet/source analysis and a white list, as a measure to respond to bots from the end point. © 2010 Springer-Verlag Berlin Heidelberg.
KSP Suggested Keywords
Bot Detection, Cyber attacks, Detection algorithm, Host-based, Intelligent tools, Network Traffic, Source analysis, end point, large-scale