Detecting Botnets with NetFlow

Authors

KRMÍČEK Vojtěch PLESNÍK Tomáš

Year of publication 2011
Type R&D Presentation
MU Faculty or unit

Institute of Computer Science

Citation
Description Network security awareness based on flow monitoring (NetFlow) is used with success at Masaryk University. We have discovered a new botnet called Chuck Norris at Masaryk University in December 2009. This botnet attacks vulnerable devices as ADSL modems and routers. In this talk, we will present and describe a set of detection methods for revealing Chuck Norris botnet in observed network using flow data. Also we will show the implementation of these methods as a plugin for NetFlow collector NfSen.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info