Bot and Botnet Taxonomy

Jose Nazario, Ph.D.
C5, April 27, 2008
Overview
• Bot taxonomy
• Bot families
• Basic bot commands
• Responding to bots
Why a Taxonomy?
• Reveal working strategies
• Discover technique reuse, advances