Journal: International Journal of Computer Trends and Technology
Electronic ISSN: 2231-2803
Publication year: 2013
Volume: 6
Issue: 3
Publisher: Seventh Sense Research Group
Abstract: One of the key security threats on the Internet is compromised machines, which can be used to launch various security attacks such as spamming, spreading malware, accessing useful information and DDoS. Spamming attackers are supported by a large number of compromised machines. Our main focus is on detecting the compromised machines in a network that may be or are involved in spamming activities; these machines are commonly known as spam zombies. Activities such as port scans, DB scans and so on are treated as malicious activity within the network. To overcome this, we develop one of the most effective spam zombie detection systems within the network, based on the behavior of other systems: those performing the above activities are treated as zombie machines. If any system within the network tries to gather information about any other system, this is treated as malicious activity and should not be allowed. SYN packets are used to initiate communication within the network in order to establish a connection. If any system tries to flood the network with these packets, we can assume that the system is trying to gather information about another system. This is called footprinting. We therefore try to detect any system involved in footprinting and report it to the administrator.