Titan Icon

Titan

prealpha

Low Overhead and Multi-faceted Network Fingerprinting of a Bot

Add a Review
0 Downloads (This Week)
Last Update:
  Browse Code SVN Repository

Description

Botnets are an evolutionary form of malware, unique in requiring network connectivity for herding by a botmaster that allows coordinated attacks as well as dynamic evasion from detection. Thus, the most interesting features of a bot relate to its rapidly evolving network behavior. The few academic and commercial malware observation systems that exist, however, are either proprietary or have large cost and management overhead. Moreover, the network behavior of bots changes considerably under different operational contexts. We present Titan: a system that generates faithful network fingerprints by recreating all these contexts and stressing the bot with different network settings and host interactions. This effort includes a semi-automated and tunable containment policy to prevent bot proliferation. Most importantly, Titan has low cost overhead as a minimal setup requires just two machines, while the provision

Titan Web Site

Categories

Security

Update Notifications





Write a Review

User Reviews

Be the first to post a review of Titan!

Additional Project Details

Intended Audience

Science/Research, System Administrators, Security Professionals

Programming Language

Unix Shell, Python

Registered

2014-03-17
Screenshots can attract more users to your project.
Features can attract more users to your project.

Icons must be PNG, GIF, or JPEG and less than 1 MiB in size. They will be displayed as 48x48 images.