A new DNS-based anti-evasion technique for botnet detection is proposed. It is based on a cluster analysis of features obtained from the payload of DNS messages. The method uses semi-supervised fuzzy c-means clustering. The developed method makes it possible to detect, with high efficiency, botnets that use DNS-based evasion techniques.
A new approach to botnet detection based on a multi-agent system is proposed. To increase the efficiency of botnet detection, a multi-agent system was used, which allowed botnets to be detected via agents' communication within a corporate network. A new technique using fuzzy and neural-fuzzy systems that makes the conclusion about…
A new approach to botnet detection based on a multi-agent system is proposed. The structure and main principles of the antiviral agents' functioning within the multi-agent system are developed. The principles of communication between the agent's units before and after an attack on the computer system were developed. Software for realisation of antivirus multi-agent…