Technical Track
Botnet discovery can be difficult, since the existence of a network is often discovered only after it is used for widespread activity such as a DDoS or a phishing scam. Sharing intelligence on potential botnet traffic is also problematic, mainly due to data privacy issues.
In this paper, we describe some currently used methods for identifying botnets and issues which arise when applying them in practice. We will identify the types of information that could be shared between different stakeholders and the technical means available to gather such data. Finally, we will present causality graphs and describe initial experiences in applying them to analyzing botnet incidents.
http://www.first.org/conference/2006/papers/pietikainen-pekka-slides.pdf
Type: Slides
Format: application/pdf
Last updated: July 12, 2006
Size: 207 Kb
http://www.first.org/conference/2006/papers/pietikainen-pekka-papers.pdf
Type: Paper
Format: application/pdf
Last updated: July 12, 2006
Size: 144 Kb
Authors & presenters
Lari Huttunen (University of Oulu, FI), Pekka Pietikäinen (University of Oulu, FI)