account
search
search

Technique can spot 'zombie' computers

  |   May 1, 2012 at 5:29 PM
MUMBAI, May 1 (UPI) -- Researchers in India say they can detect the presence of a botnet on a computer network and block its malicious activities before it does too much damage.

Writing in the International Journal of Wireless and Mobile Computing, they describe a new algorithm to detect bots, or programs that create "zombie" computers, responsible for spam e-mail, corporate spying or Distributed Denial of Service attacks that can knock out entire networks and make them inaccessible to legitimate users.

A bot is a program placed on a computer without the owner's knowledge and running any of a number of illicit tasks over the network and the wider Internet.

Manoj Thakur of the Veermata Jijabai Technological Institute and colleagues say their technique uses a two-pronged strategy involving a standalone algorithm running independently on each node of the network that monitors active processes. If it detects suspicious activity, it triggers the network algorithm.

That algorithm analyzes information being transferred on the network to determine if the activity is due to a bot or a legitimate program on the system.

The two techniques working together can spot activity from both known and unknown bots, the researchers said.

Related UPI Stories
© 2012 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
x
Feedback