
An Investigation of Botnet Activity based on DNS Analysis


Affiliations
1 Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College, Avadi, Chennai - 600062, Tamil Nadu, India
 

Background/Objectives: Botnets are used to increase congestion over DNS. Botmasters can establish a network between client and server to generate more queries and increase traffic via HTTP1. This paper therefore uses a DPI approach to control botnet activities. Methods/Statistical Analysis: Deep Packet Inspection (DPI) is implemented to spot bot behaviour, which is reduced with the assistance of the DNS packet load. The DPI method cleans illegitimate entries towards DNS before bots try to enter. The DPI method is thus able to provide prior information about Command and Control (CC) activities to reduce their performance. Findings: Monitoring of the traffic over DNS and a reduction of illegal connections from compromised hosts (botnet) using DPI were obtained in this study. Applications: Data security can be created in the defence area, government sectors and private concerns.

Keywords

Botnet Avoidance, Botnet Communication, Botnet Propagation, Deep Packet Inspection (DPI), Tracking Botnet

Authors

P. Ashok
Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College, Avadi, Chennai - 600062, Tamil Nadu, India
J. Velmurugan
Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College, Avadi, Chennai - 600062, Tamil Nadu, India
M. Abinaya
Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College, Avadi, Chennai - 600062, Tamil Nadu, India
B. Usha Shree Jayanthi
Vel Tech High Tech Dr. Rangarajan Dr. Sakunthala Engineering College, Avadi, Chennai - 600062, Tamil Nadu, India




DOI: https://doi.org/10.17485/ijst%2F2016%2Fv9i16%2F132739