https://scholars.lib.ntu.edu.tw/handle/123456789/456068
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hsiao, S.-W. | en_US |
dc.contributor.author | Chen, Y.-N. | en_US |
dc.contributor.author | YEALI SUN | en_US |
dc.contributor.author | Chen, M.C. | en_US |
dc.creator | Hsiao, S.-W.;Chen, Y.-N.;Sun, Y.S.;Chen, M.C. | - |
dc.date.accessioned | 2020-02-10T02:43:31Z | - |
dc.date.available | 2020-02-10T02:43:31Z | - |
dc.date.issued | 2013 | - |
dc.identifier.uri | https://scholars.lib.ntu.edu.tw/handle/123456789/456068 | - |
dc.description.abstract | We propose a detection mechanism that takes advantage of a virtualized environment and combines both passive and active detection approaches for detecting bot malware. Our proposed passive detection agent lies in the virtual machine monitor to profile the bot behavior and check against it with other hosts. The proposed active detection agent that performs active bot fingerprinting can send a specific stimulus to a host and examine if there exists expected triggered behavior. In our experiments, our system can distinguish bots and the benign process with low false alarm. The active fingerprinting technique can detect a bot even when a bot does not do its malicious jobs. © 2013 Springer-Verlag. | - |
dc.relation.ispartof | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | - |
dc.subject | botnet; fingerprinting; intrusion detection; virtual machine | - |
dc.subject.classification | [SDGs]SDG16 | - |
dc.subject.other | botnet; Detection mechanism; fingerprinting; Fingerprinting techniques; Malware detection; Virtual machine monitors; Virtual machines; Virtualized environment; Computer crime; Intrusion detection; Virtual reality; Network security | - |
dc.title | Combining dynamic passive analysis and active fingerprinting for effective bot malware detection in virtualized environments | en_US |
dc.type | conference paper | en |
dc.identifier.doi | 10.1007/978-3-642-38631-2_59 | - |
dc.identifier.scopus | 2-s2.0-84883397011 | - |
dc.identifier.url | https://www.scopus.com/inward/record.uri?eid=2-s2.0-84883397011&doi=10.1007%2f978-3-642-38631-2_59&partnerID=40&md5=99c8483fefe8ebd53bdfab8bb80b7292 | - |
dc.relation.pages | 699-706 | - |
dc.relation.journalvolume | 7873 LNCS | - |
item.openairetype | conference paper | - |
item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
item.cerifentitytype | Publications | - |
item.fulltext | no fulltext | - |
item.grantfulltext | none | - |
crisitem.author.dept | Information Management | - |
crisitem.author.parentorg | College of Management | - |
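Appears in Collections: | Department of Information Management |
Items in the IR system are protected by copyright, with all rights reserved, unless otherwise indicated.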