Publication details


Chuck Norris botnet detection plugin

Basic information
Original title:Chuck Norris botnet detection plugin
Authors:Tomáš Plesník, Michal Trunečka, Pavel Piskač, Jan Vykopal, Pavel Čeleda
Further information
Citation:PLESNÍK, Tomáš, Michal TRUNEČKA, Pavel PISKAČ, Jan VYKOPAL a Pavel ČELEDA. Chuck Norris botnet detection plugin. 2010.Export BibTeX
author = {Plesník, Tomáš and Trunečka, Michal and Piskač, Pavel and Vykopal, Jan and Čeleda, Pavel},
keywords = {Chuck Norris; NetFlow; detection; plugin; NfSen},
language = {eng},
institution = {Masarykova univerzita},
organization = {Masarykova univerzita},
title = {Chuck Norris botnet detection plugin},
url = {},
year = {2010}
Original language:English
WWW:Webová stránka s instalačním balíčkem
Keywords:Chuck Norris; NetFlow; detection; plugin; NfSen

Chuck Norris botnet detection plugin for NfSen collector periodically analyses NetFlow data. The plugin provides output of detection methods aimed at botnet behaviour during its lifecycle: port scanning from infected hosts outside the local network, scanning from infected hosts in the local network, communication with the botnet distribution and control servers, and DNS spoofing.

Related projects: