عنوان مقاله [English]
نویسندگان [English]چکیده [English]
One of the rising threats of the Internet and computer networks are Bot networks. A Botnet is a network of infected computers connected to the Internet that is controlled by command and control servers and is used for Internet attacks such as denial of service attacks, and for sending spams. Botnets expand their sphere of control by detecting vulnerable systems in the web and compromising them. Botnets are rapidly improving and they use new technologies such as Fast flux to trap more users and enhance the protection of infected computers for their own benefit. In this paper, the Botnet-related concepts are introduced, their development and expansion is explained and after and examination of the threats created by them, the methods of detecting and dealing with them in the IRI Armed Forces systems are studied. Finally, suggestions for the enhancement of network security in the Armed Forces are proposed.
 E. Passerini, et al., "FluXOR : Detecting and Monitoring Fast-Flux Service Networks," in Detection of Intrusions and Malware, and Vulnerability Assessment. vol. 5137, D. Zamboni, Ed., ed: Springer Berlin / Heidelberg, 2008, pp. 186-206.
 J. Nazario and T. Holz, "As the net churns: Fast-flux botnet observations," in Malicious and Unwanted Software, 2008. MALWARE 2008. 3rd International Conference on, 2008, pp. 24-31.
 C. Brandhorst and A. Pras, "DNS: A Statistical Analysis of Name Server Traffic at Local Network-to-Internet Connections," in EUNICE 2005: Networks and Applications Towards a Ubiquitously Connected World. vol. 196, C. Kloos, et al., Eds., ed: Springer Boston, 2006, pp. 255-270.
 J. Goebel and T. Holz, "Rishi: identify bot contaminated hosts by IRC nickname evaluation," resented at the Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, Cambridge, MA, 2007.
 A. Ramachandran, et al., "Revealing botnet membership using DNSBL counter-intelligence," presented at the Proceedings ofthe 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2, San Jose, CA, 2006.
 R. Villamarin-Salomon and J. C. Brustoloni, "Identifying Botnets Using Anomaly Detection Techniques Applied to DNS Traffic," in Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE, 2008, pp. 476-481.
 C. Hyunsang, et al., "Botnet Detection by Monitoring Group Activities inDNS Traffic," in Computer and Information Technology, 2007. CIT 2007. 7th IEEE International Conference on, 2007, pp. 715-720.
 M. Bailey, et al., "A Survey of Botnet Technology and Defenses," in Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications & Technology, 2009, pp. 299-304.
 G. Gu, et al., "BotMiner: clustering analysis of networktraffic for protocol- and structure-independent botnet detection," presented at the Proceedings of the 17th conference on Security symposium, San Jose, CA, 2008.
 A. Caglayan, et al., "Behavioral analysis of fast flux service networks," presented at the Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, Oak Ridge, Tennessee, 2009.
 A. Caglayan, et al., "Real-Time Detection of Fast Flux Service Networks," in Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications & Technology, 2009, pp. 285-292.
 K. Yuji, "Bot Detection Based on Traffic Analysis," in The 2007 International Conference on Intelligent Pervasive Computing (IPC 2007), Jeju Island, Korea, 2007, pp. 303-306.
 D. Dagon, et al., "A taxonomy of botnets," in Proceedings of CAIDA DNS-OARC Workshop, San Jose, CA, 2005.
 G. Ollmann, "Botnet communication topologies," Damballa white paper, 2009.
 Samuel Greengard," The war against botnets", Magazine Communications of the ACM Volume 55Issue 2, February 2012
Manoj Rameshchandra Thakur1, etal, "Detection and prevention of botnets and malware in an enterprise network", International Journal of Wireless and Mobile Computing Volume 5, Number 2/2012