Computer Science – Cryptography and Security
Scientific paper
2010-02-05
Proceedings of the 3rd International Conference on Availability, Reliability and Security (ARES2008)
Computer Science
Cryptography and Security
7 pages, 7 figures, 3rd International Conference on Availability, Reliability and Security (ARES2008)
Scientific paper
A bot is a piece of software that is usually installed on an infected machine without the user's knowledge. A bot is controlled remotely by the attacker under a Command and Control structure. Recent statistics show that bots represent one of the fastest growing threats to our network by performing malicious activities such as email spamming or keylogging. However, few bot detection techniques have been developed to date. In this paper, we investigate a behavioural algorithm to detect a single bot that uses keylogging activity. Our approach involves the use of function calls analysis for the detection of the bot with a keylogging component. Correlation of the frequency of a specified time-window is performed to enhance he detection scheme. We perform a range of experiments with the spybot. Our results show that there is a high correlation between some function calls executed by this bot which indicates abnormal activity in our system.
Aickelin Uwe
Al-Hammadi Yousof
No associations
LandOfFree
Detecting Bots Based on Keylogging Activities does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Detecting Bots Based on Keylogging Activities, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting Bots Based on Keylogging Activities will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-535677