Publication details

 

Chuck Norris botnet detection plugin

Basic information
Original title:Chuck Norris botnet detection plugin
Authors:Tomáš Plesník, Michal Trunečka, Pavel Piskač, Jan Vykopal, Pavel Čeleda
Further information
Citation:PLESNÍK, Tomáš, Michal TRUNEČKA, Pavel PISKAČ, Jan VYKOPAL a Pavel ČELEDA. Chuck Norris botnet detection plugin. 2010.Export BibTeX
@misc{915594,
author = {Plesník, Tomáš and Trunečka, Michal and Piskač, Pavel and Vykopal, Jan and Čeleda, Pavel},
keywords = {Chuck Norris; NetFlow; detection; plugin; NfSen},
language = {eng},
institution = {Masarykova univerzita},
organization = {Masarykova univerzita},
title = {Chuck Norris botnet detection plugin},
url = {http://www.muni.cz/ics/research/cyber/chuck_norris_botnet},
year = {2010}
}
Original language:English
Field:Informatics
WWW:Webová stránka s instalačním balíčkem
Type:Software
Keywords:Chuck Norris; NetFlow; detection; plugin; NfSen

Chuck Norris botnet detection plugin for NfSen collector periodically analyses NetFlow data. The plugin provides output of detection methods aimed at botnet behaviour during its lifecycle: port scanning from infected hosts outside the local network, scanning from infected hosts in the local network, communication with the botnet distribution and control servers, and DNS spoofing.

Related projects: