Browse wiki

Jump to: navigation, search
A Malicious Bot Capturing System using a Beneficial Bot and Wiki
Abstract Locating malicious bots in a large networkLocating malicious bots in a large network is problematic because the internal firewalls and network address translation (NAT) routers of the network unintentionally contribute to hiding the bots’ host address and malicious packets. However, eliminating firewalls and NAT routers merely for locating bots is generally not acceptable. In the present paper, we propose an easy to deploy, easy to manage network security control system for locating a malicious host behind internal secure gateways. The proposed network security control system consists of a remote security device and a command server. The remote security device is installed as a transparent link (implemented as an L2 switch), between the subnet and its gateway in order to detect a host that has been compromised by a malicious bot in a target subnet, while minimizing the impact of deployment. The security device is controlled remotely by 'polling' the command server in order to eliminate the NAT traversal problem and to be firewall friendly. Since the remote security device exists in transparent, remotely controlled, robust security gateways, we regard this device as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, ease of use, and ease of deployment of the server.use, and ease of deployment of the server.
Abstractsub Locating malicious bots in a large networkLocating malicious bots in a large network is problematic because the internal firewalls and network address translation (NAT) routers of the network unintentionally contribute to hiding the bots’ host address and malicious packets. However, eliminating firewalls and NAT routers merely for locating bots is generally not acceptable. In the present paper, we propose an easy to deploy, easy to manage network security control system for locating a malicious host behind internal secure gateways. The proposed network security control system consists of a remote security device and a command server. The remote security device is installed as a transparent link (implemented as an L2 switch), between the subnet and its gateway in order to detect a host that has been compromised by a malicious bot in a target subnet, while minimizing the impact of deployment. The security device is controlled remotely by 'polling' the command server in order to eliminate the NAT traversal problem and to be firewall friendly. Since the remote security device exists in transparent, remotely controlled, robust security gateways, we regard this device as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, ease of use, and ease of deployment of the server.use, and ease of deployment of the server.
Bibtextype article  +
Doi 10.2197/IPSJJIP.21.237  +
Has author Takashi Yamanoue + , Kentaro Oda + , Koichi Shimozono +
Has extra keyword Network Security + , Security Monitor + , Security Control + , Robot + , Wiki + , Java + , API +
Has keyword Information security + , Network analysis +
Has reference A Draw Plug-In for a Wiki Software + , PukiWiki-Java Connector, a simple API for saving data of Java programs on a wiki + , A Simple Application Program Interface for Saving Java Program Data on a Wiki + , A Casual Network Security Monitoring System using a Portable Sensor Device and Wiki Software + , Capturing malicious bots using a beneficial bot and wiki +
Issue 2  +
Language English +
Number of citations by publication 2  +
Number of references by publication 5  +
Pages (in press)  +
Peer-reviewed Yes  +
Published in Journal of Information Processing +
Title A Malicious Bot Capturing System using a Beneficial Bot and Wiki +
Type journal article  +
Volume 21  +
Year 2013 +
Creation dateThis property is a special property in this wiki. 26 December 2012 09:46:47  +
Categories Publications without license parameter  + , Publications without remote mirror parameter  + , Publications without archive mirror parameter  + , Publications without paywall mirror parameter  + , Journal articles  + , Publications  +
Modification dateThis property is a special property in this wiki. 27 May 2013 09:28:55  +
DateThis property is a special property in this wiki. February 2013  +
hide properties that link here 
Demonstration of a Loosely Coupled M2M System Using Arduino, Android and Wiki Software + , Experimental Implementation of a M2M System Controlled by a Wiki Network + Has reference
A Malicious Bot Capturing System using a Beneficial Bot and Wiki + Title
 

 

Enter the name of the page to start browsing from.