Browse wiki

Jump to: navigation, search
Capturing malicious bots using a beneficial bot and wiki
Abstract Locating malicious bots in a large networkLocating malicious bots in a large network is problematic because its internal firewalls and NAT routers unintentionally contribute to hiding bots' host address and malicious packets. However, eliminating firewalls and NAT routers for merely locating bots is generally not acceptable. In this paper, we propose an easy to deploy, easy to manage network security controlling system for locating a malicious host behind the internal secure gateways. This network security controlling system consists of a remote security device and a command server. Each of the remote security devices is installed as a transparent link (implemented as a L2 switch), between the subnet and its gateway, to detect a host which is compromised with a malicious bot in a target subnet, while minimizing impact of deployment. The security devices are remote controlled by 'polling' the command server in order to eliminating NAT traversal problem and to be firewall friendly. Since the remote security device lives in transparent, remote controlled and robust to security gateways, we regard it as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, easy to use and easy to deployment of the server. use and easy to deployment of the server.
Abstractsub Locating malicious bots in a large networkLocating malicious bots in a large network is problematic because its internal firewalls and NAT routers unintentionally contribute to hiding bots' host address and malicious packets. However, eliminating firewalls and NAT routers for merely locating bots is generally not acceptable. In this paper, we propose an easy to deploy, easy to manage network security controlling system for locating a malicious host behind the internal secure gateways. This network security controlling system consists of a remote security device and a command server. Each of the remote security devices is installed as a transparent link (implemented as a L2 switch), between the subnet and its gateway, to detect a host which is compromised with a malicious bot in a target subnet, while minimizing impact of deployment. The security devices are remote controlled by 'polling' the command server in order to eliminating NAT traversal problem and to be firewall friendly. Since the remote security device lives in transparent, remote controlled and robust to security gateways, we regard it as a beneficial bot. We adopt a web server with wiki software as the command server in order to take advantage of its power of customization, easy to use and easy to deployment of the server. use and easy to deployment of the server.
Bibtextype inproceedings  +
Has author Takashi Yamanoue + , Kentaro Oda + , Koichi Shimozono +
Has extra keyword Network security + , Security Monitor + , Security Control +
Has keyword Information security + , Vandal bot + , Wiki +
Has paywall mirror http://dl.acm.org/citation.cfm?id=2382477  +
Has reference A Simple Application Program Interface for Saving Java Program Data on a Wiki + , A Draw Plug-In for a Wiki Software + , PukiWiki-Java Connector, a simple API for saving data of Java programs on a wiki + , A Casual Network Security Monitoring System using a Portable Sensor Device and Wiki Software +
Language English +
Number of citations by publication 1  +
Number of references by publication 4  +
Pages 91-96  +
Peer-reviewed Yes  +
Published in SIGUCCS +
Title Capturing malicious bots using a beneficial bot and wiki +
Type conference paper  +
Year 2012 +
Creation dateThis property is a special property in this wiki. 26 October 2012 00:52:51  +
Categories Publications without license parameter  + , Publications without DOI parameter  + , Publications without remote mirror parameter  + , Publications without archive mirror parameter  + , Conference papers  + , Publications  +
Modification dateThis property is a special property in this wiki. 29 October 2012 07:57:25  +
DateThis property is a special property in this wiki. October 2012  +
hide properties that link here 
A Malicious Bot Capturing System using a Beneficial Bot and Wiki + Has reference
Capturing malicious bots using a beneficial bot and wiki + Title
 

 

Enter the name of the page to start browsing from.