A Malicious Bot Capturing System using a Beneficial Bot and Wiki

From WikiPapers
Jump to: navigation, search

A Malicious Bot Capturing System using a Beneficial Bot and Wiki is a 2013 journal article written in English by Takashi Yamanoue, Kentaro Oda, Koichi Shimozono and published in Journal of Information Processing.

[edit] Abstract

Locating malicious bots in a large network is problematic because the internal firewalls and network address translation (NAT) routers of the network unintentionally contribute to hiding the bots’ host address and malicious packets. However, eliminating firewalls and NAT routers merely for locating bots is generally not acceptable. In the present paper, we propose an easy to deploy, easy to manage network security control system for locating a malicious host behind internal secure gateways. The proposed network security control system consists of a remote security device and a command server. The remote security device is installed as a transparent link (implemented as an L2 switch), between the subnet and its gateway in order to detect a host that has been compromised by a malicious bot in a target subnet, while minimizing the impact of deployment. The security device is controlled remotely by 'polling' the command server in order to eliminate the NAT traversal problem and to be firewall friendly. Since the remote security device exists in transparent, remotely controlled, robust security gateways, we regard this device as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, ease of use, and ease of deployment of the server.

[edit] References

This publication has 5 references. Only those references related to wikis are included here:

Cited by

This publication has 2 citations. Only those publications available in WikiPapers are shown here:


Discussion

The paper can be available at this page[edit]

https://www.jstage.jst.go.jp/article/ipsjjip/21/2/21_237/_article