Detecting Botnets with NetFlow
Authors | |
---|---|
Year of publication | 2011 |
Type | R&D Presentation |
MU Faculty or unit | |
Citation | |
Description | Network security awareness based on flow monitoring (NetFlow) is used with success at Masaryk University. We have discovered a new botnet called Chuck Norris at Masaryk University in December 2009. This botnet attacks vulnerable devices as ADSL modems and routers. In this talk, we will present and describe a set of detection methods for revealing Chuck Norris botnet in observed network using flow data. Also we will show the implementation of these methods as a plugin for NetFlow collector NfSen. |
Related projects: |