Show simple item record

dc.contributor.authorArtore, Dianeen_US
dc.date.accessioned2008-06-10T20:40:44Z
dc.date.available2008-06-10T20:40:44Z
dc.date.issued2007-12-20en_US
dc.identifier.urihttp://hdl.handle.net/1853/22614
dc.description.abstractOver the past decade, webcriminality has become a real issue. Because they allow the botmasters to control hundreds to millions of machines, botnets became the first-choice attack platform for the network attackers, to launch distributed denial of service attacks, steal sensitive information and spend spam emails. This work aims at designing and implementing a honeynet, specific to IRC bots. Our system works in 3 phasis: (1) binaries collection, (2) simulation, and (3) activity capturing and monitoring. Our phase 2 simulation uses an IRC redirection to extract the connection information thanks to a IRC redirection (using a DNS redirection and a "fakeserver"). In phase 3, we use the information previously extracted to launch our honeyclient, which will capture and monitor the traffic on the C&C channel. Thanks to our honeynet, we create a database of the activity of IRC botnets (their connection characteristics, commands on the C&C ), and hope to learn more about their behavior and the underground market they create.en_US
dc.publisherGeorgia Institute of Technologyen_US
dc.subjectBotnetsen_US
dc.subjectHoneynetsen_US
dc.subjectIRC botsen_US
dc.subject.lcshComputer networks--security measures
dc.subject.lcshComputer hackers
dc.titleHoneynet design and implementationen_US
dc.typeThesisen_US
dc.description.degreeM.S.en_US
dc.contributor.departmentComputingen_US
dc.description.advisorCommittee Chair: Wenke Lee; Committee Member: Jonathon Giffin; Committee Member: Mustaque Ahamaden_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record