Feb 20
Botnets, those pernicious threats to internet life, liberty and pursuit of happiness, may have a new enemy. Researchers at Georgia Tech are using traffic analysis of IRC and HTTP to try to identify botnets in the wild. The theory is that botnets need to communicate with their command and control infrastructure, and that they tend to look like, well, botnets rather than people when they do so.
While my description above is a bit tongue-in-cheek, botnets are really a serious threat. There are estimates that they contribute up to 80% of spam email, and they’re regularly used in denial of service attacks like the one we see ongoing right now with WordPress.com blogs. They’re particularly difficult to identify, track, and combat, and there are documented instances of hundreds of thousands and over a million botnet zombie computers under the control of a single individual.
While it’s too early to tell if this new approach will help significantly in the fight, any means we have to help combat botnets are welcome at the party.
[Georgia Tech via Ars Technica]