A method for risk measurement of botnet's malicious activities
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, D. | - |
dc.contributor.author | Kim, Y.-G. | - |
dc.contributor.author | In, H.P. | - |
dc.contributor.author | Jeong, H.C. | - |
dc.date.accessioned | 2021-09-05T16:10:24Z | - |
dc.date.available | 2021-09-05T16:10:24Z | - |
dc.date.created | 2021-06-17 | - |
dc.date.issued | 2014 | - |
dc.identifier.issn | 1343-4500 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/100817 | - |
dc.description.abstract | A DNS sinkhole system generates, separates, and manages a blacklist of botnets detected via a botnet detection system. Since numerous bots are newly added and bot codes are updated frequently, blacklist management is extremely expensive and it is difficult to update domain names and IP addresses. Further, effectiveness and accuracy are not guaranteed as the priority of botnets is determined and handled on the basis of subjective decisions of security experts. Hence, this study aims to provide a methodology to manage the blacklist by estimating the botnet risk index (BRI) of detected botnets from the perspective of a DNS sinkhole system manager and automatically estimating the risk priority of botnets on the basis of this information. The BRI, which is a normalization equation based on a Euclidean vector concept, is calculated in a number of scenarios, with a single command and control server (C&C) and with multiple C&Cs. The BRI has been defined to provide an intuitive understanding of the degree of danger posed by botnets. © 2014 International Information Institute. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | International Information Institute Ltd. | - |
dc.title | A method for risk measurement of botnet's malicious activities | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | In, H.P. | - |
dc.identifier.scopusid | 2-s2.0-84899694218 | - |
dc.identifier.bibliographicCitation | Information (Japan), v.17, no.1, pp.165 - 180 | - |
dc.relation.isPartOf | Information (Japan) | - |
dc.citation.title | Information (Japan) | - |
dc.citation.volume | 17 | - |
dc.citation.number | 1 | - |
dc.citation.startPage | 165 | - |
dc.citation.endPage | 180 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scopus | - |
dc.subject.keywordAuthor | Blacklist | - |
dc.subject.keywordAuthor | Botnet Risk Index (BRI) | - |
dc.subject.keywordAuthor | DNS Sinkhole | - |
dc.subject.keywordAuthor | Malicious Activity | - |
dc.subject.keywordAuthor | Risk Measurement | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.