Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware.
The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions, according to University of Georgia and Georgia Institute of Technology who will present a paper on Pleiades at this week's Usenix Security conference in Bellevue, WA. The idea is to detect such malware before its handlers can change, encrypt or otherwise hide it.