K. Kaemarungsi, Nawattapon Yoskamtorn, Kitisak Jirawannakool, Nuttapong Sanglerdsinlapachai, C. Luangingkasut
{"title":"Botnet Statistical Analysis Tool for Limited Resource Computer Emergency Response Team","authors":"K. Kaemarungsi, Nawattapon Yoskamtorn, Kitisak Jirawannakool, Nuttapong Sanglerdsinlapachai, C. Luangingkasut","doi":"10.1109/IMF.2009.13","DOIUrl":null,"url":null,"abstract":"Botnet is recognized as one of the fastest growing threat to the Internet and most users do not aware that they were victimized. ThaiCERT is one of many computer emergency response teams that have limited resources in term of budget to monitor and handle this kind of threat. An interim solution for teams with limited resource is to subscribe to the Shadowserver Foundation’s mailing list instead of deploying their own capturing and monitoring tools. The valuable information from the Shadowserver Foundation in form of plaintext e-mails may be difficult to manage and analyze. However, there is a need to analyze information provided by the Shadowserver Foundation to be able to efficiently handle botnet’s incidents for our own constituency. In this manuscript, we present our approach to handle the botnet threat using available information from the Shadowserver Foundation and describe our automate tool using by our incident handling team. Finally, we present our statistical data on botnet’s threat in our constituency over the last two years.","PeriodicalId":370893,"journal":{"name":"2009 Fifth International Conference on IT Security Incident Management and IT Forensics","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Fifth International Conference on IT Security Incident Management and IT Forensics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMF.2009.13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Botnet is recognized as one of the fastest growing threat to the Internet and most users do not aware that they were victimized. ThaiCERT is one of many computer emergency response teams that have limited resources in term of budget to monitor and handle this kind of threat. An interim solution for teams with limited resource is to subscribe to the Shadowserver Foundation’s mailing list instead of deploying their own capturing and monitoring tools. The valuable information from the Shadowserver Foundation in form of plaintext e-mails may be difficult to manage and analyze. However, there is a need to analyze information provided by the Shadowserver Foundation to be able to efficiently handle botnet’s incidents for our own constituency. In this manuscript, we present our approach to handle the botnet threat using available information from the Shadowserver Foundation and describe our automate tool using by our incident handling team. Finally, we present our statistical data on botnet’s threat in our constituency over the last two years.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
