Detecting Botnets with NetFlow



Year of publication 2011
Type R&D Presentation
MU Faculty or unit

Institute of Computer Science

Description Network security awareness based on flow monitoring (NetFlow) is used with success at Masaryk University. We have discovered a new botnet called Chuck Norris at Masaryk University in December 2009. This botnet attacks vulnerable devices as ADSL modems and routers. In this talk, we will present and describe a set of detection methods for revealing Chuck Norris botnet in observed network using flow data. Also we will show the implementation of these methods as a plugin for NetFlow collector NfSen.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info