Publication details

Chuck Norris botnet detection plugin

Authors

PLESNÍK Tomáš TRUNEČKA Michal PISKAČ Pavel VYKOPAL Jan ČELEDA Pavel

Year of publication 2010
MU Faculty or unit

Institute of Computer Science

Description Chuck Norris botnet detection plugin for NfSen collector periodically analyses NetFlow data. The plugin provides output of detection methods aimed at botnet behaviour during its lifecycle: port scanning from infected hosts outside the local network, scanning from infected hosts in the local network, communication with the botnet distribution and control servers, and DNS spoofing.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info