Browsing by Author "Salvador, Paulo"
- Analyzing the behavior of top spam botnets
  Publication. Silva, Rui Jorge; Rodrigues, Nuno G.; Salvador, Paulo; Nogueira, António Manuel
  Botnets became the preferred platform for launching attacks and committing fraud on enterprise networks and the Internet itself. Characterizing existing Botnets will help to coordinate and develop new technologies to face this serious security threat. Several approaches can be taken to study this phenomenon: analyze its source code, which can be a hard task mainly due to license restrictions; study the control mechanism, particularly the activity of its Command and Control server(s); study its behavior, by measuring real traffic and collecting relevant statistics. In this work, we have installed some of the most popular spam Botnets, capturing the originated traffic and characterizing it in order to identify the main trends/patterns of their activity. From the intensive statistics that were collected, it was possible to conclude that there are distinct features between different Botnets that can be explored to build efficient detection methodologies.
- Characterization and modeling of top spam botnets
  Publication. Rodrigues, Nuno G.; Sousa, Rui Filipe Rodrigues; Salvador, Paulo; Nogueira, António Manuel
  The increasing impact of the Internet in the global economy has transformed Botnets into one of the most relevant security threats for citizens, organizations and governments. Despite the significant efforts that have been made over the last years to understand this phenomenon and develop detection techniques and countermeasures, this continues to be a field with big challenges to address. Several approaches can be taken to study Botnets: analyze its source code, which can be a hard task because it is usually unavailable; study the control mechanism, particularly the activity of its Command and Control server(s); study its behavior, by measuring real traffic and collecting relevant statistics. In this work, we have installed some of the most popular spam Botnets, captured the originated traffic and characterized it in order to identify the main trends/patterns of their activity. From the intensive statistics that were collected, it was possible to conclude that there are distinct features between Botnets that can be explored to build efficient detection methodologies. Based on this study, the second part of the paper proposes a generic and systematic model to describe the network dynamics whenever a Botnet threat is detected, defining all actors, dimensions, states and actions that need to be taken into account at each moment. We believe that this type of modeling approach is the basis for developing systematic and integrated frameworks and strategies to predict and fight Botnet threats in an efficient way.
- Fighting botnets - a systematic approach
  Publication. Rodrigues, Nuno G.; Nogueira, António José Arsénia; Salvador, Paulo
  The increasing impact of Internet in the global economy has transformed botnets into one of the most feared security threats for citizens, organizations and governments. Despite the significant efforts that have been made over the last years to understand this phenomenon and develop detection techniques and countermeasures, this continues to be a field with big challenges to address. The most important detection approaches and countermeasures that have been proposed are usually oriented to address some specific type of botnet threat or fight botnets in particular scenarios or conditions. This paper proposes a generic and systematic model to describe the network dynamics whenever a botnet threat is detected, defining all actors, dimensions, states and actions that need to be taken into account at each moment. We believe that the proposed model can be the basis for developing systematic and integrated frameworks, strategies and tools to predict and fight botnet threats in an efficient way.
- Modeling and analysis of network resilience: the security perspective
  Publication. Rodrigues, Nuno G.; Nogueira, António Manuel; Salvador, Paulo
  The increased impact of global Internet in our daily lives is a continuous challenge for those who are responsible for their design, planning, implementation and administration. As the Internet becomes more important to citizens, organizations and nations, more pressure is placed in their reliability, availability and security or, in other terms, in its Resilience. Because Internet was not initially designed to support the actual levels of responsibility in the global economy, it is now evident that new paradigms and enhancements are needed to make this a resilient network. From the three disciplines that mainly characterize network resilience, security is one of the most challenging. In fact, the range of security threats that nowadays affect Internet is immense and increasingly complex, with the beginning of a new era where the concept of cyber-wars between nations becomes reality. One of the most relevant security threats is the malware and botnet phenomenon. Despite the development of several different types of countermeasures to fight these threats during more than a decade, this continues to be a field with big challenges and where new and solid improvements are needed.
- Modeling and analysis of network resilience: the security perspective
  Publication. Rodrigues, Nuno G.; Nogueira, António Manuel; Salvador, Paulo
  During the last decade, Internet has achieved an extremely high level of impact and dependence in the lives of citizens, organizations and countries. In many aspects, this new level of importance was not accompanied by the increase of reliability, availability and security. In other words, Internet needs to become resilient. Network resilience encompasses many different disciplines, from which security is one of the most relevant. Inside security, malware and botnets are some of the most common threats in Internet. Despite the development of several different types of countermeasures to fight botnets during more than a decade, this continues to be a field with big challenges and where new and solid improvements are needed.