Capturing malicious bots using a beneficial bot and wiki

From WikiPapers
Jump to: navigation, search

Capturing malicious bots using a beneficial bot and wiki is a 2012 conference paper written in English by Takashi Yamanoue, Kentaro Oda, Koichi Shimozono and published in SIGUCCS.

[edit] Abstract

Locating malicious bots in a large network is problematic because its internal firewalls and NAT routers unintentionally contribute to hiding bots' host address and malicious packets. However, eliminating firewalls and NAT routers for merely locating bots is generally not acceptable. In this paper, we propose an easy to deploy, easy to manage network security controlling system for locating a malicious host behind the internal secure gateways. This network security controlling system consists of a remote security device and a command server. Each of the remote security devices is installed as a transparent link (implemented as a L2 switch), between the subnet and its gateway, to detect a host which is compromised with a malicious bot in a target subnet, while minimizing impact of deployment. The security devices are remote controlled by 'polling' the command server in order to eliminating NAT traversal problem and to be firewall friendly. Since the remote security device lives in transparent, remote controlled and robust to security gateways, we regard it as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, easy to use and easy to deployment of the server.

[edit] References

This publication has 4 references. Only those references related to wikis are included here:

Cited by

This publication has 1 citations. Only those publications available in WikiPapers are shown here:


ACM DL[edit]

This paper can be available throgh the following papge using ACM Author-Izer.

presentation slide: