Browsing by Author "Binda, Kahe Henrique"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
- Analyzing IDS botnets detectionPublication . Binda, Kahe Henrique; Pedrosa, Tiago; Rodrigues, Nuno G.; Michel, NeylorIn a world increasingly connected with equipment permanently attached, the risk of cybersecurity had rise. Among the various vulnerabilities and forms of exploitation, the Botnets are those being addressed in this work. The number of botnets related infections has grown critically and, due to botnets’ increased capacity and potential use for future infections, a continued development of solutions is needed to strengthen the protection of networks and systems. Intrusion Detection Systems (IDS) are one of the solutions that try to follow this evolution. The continuous evolution of tools and attack forms in order to evade detection, using mechanisms such as encryption (IPSec, SSL) and diverse architecture and different ways of implementing Botnets create great challenges to those who try to detect them. In order to better understand these challenges, this work proposes an architecture to map the behavior of botnets. For this, a topology was created with several components, such as Network Intrusion Detection System (NIDS) and Host Intrusion Detection System (HIDS), aided with information from honeypots for the detection and analysis of attacks. This approach enabled real data to be obtained from attempts, some successfully, from Malware infections, with the aim of transforming systems into Bots and integrating them into Botnets. An exploratory analysis of the data is performed to verify the detection capabilities and the cases where the components do not provide correct information. Some methods based on machine learning were also used to process and analyze the collected data.