Marcel E. M. Spruit

A new generation of botnets abuses popular social media like Twitter, Facebook, and YouTube as Command and Control channel. This challenges the detection of Command and Control traffic, because traditional IDS approaches, based on statistical flow anomalies, protocol anomalies, payload signatures, and server blacklists, do not work in this case. In this…
The Command and Control communication of a botnet is evolving into sophisticated covert communication. Techniques such as encryption, steganography, and recently the use of social network websites as a proxy, impede conventional detection of botnet communication. In this paper we propose detection of covert communication by passive host-external analysis of…
Malicious botnets threaten the Internet by DDoS-attacks, spam, information theft and other criminal activities. They are using increasingly sophisticated techniques to hide the Command and Control traffic. Many existing detection techniques can be defeated by encryption, tunneling in popular protocols, delays, and flow perturbation. We introduce a new…
Many organisations use risk analysis to analyse the vulnerability of their information technology. However, the majority of existing risk analysis methods and tools cannot deal adequately with the variable complex of measures against Internet threats, depending on Internet services rather than installed equipment or information systems. This paper describes…