Nt1330 Unit 1 Assignment 1

Detection phase

After obtaining the parameters, the HsMM can be used to check whether a given observation sequence of SNMP-MIB variables corresponds to the normal profile or the bot profile by calculating its average log likelihood (ALL). The forward-backward algorithm is used to calculate a sequence's likelihood against a given model. ALL values of the training sequences for the normal and botnet systems are computed. If the observation sequence's ALL value lies within the confidence interval identified for the normal profile, it is considered a normal profile. Similarly, a confidence interval for botnets is identified. If the observation sequence's ALL lies within this confidence interval, it is considered botnet communication.

3.4 EXPERIMENTAL RESULTS

Using the experimental setup, the SpyEye, BlackEnergy, Zeus, Athena and Andromeda botnets are installed. Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows. While it can be used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. It is also used to install the CryptoLocker ransomware. Zeus is spread mainly through drive-by downloads and phishing schemes.
The SpyEye banking malware continues to plague computers across the world and is proving to be a difficult foe to detect and remove from infected Windows PCs. Athena is a stable DDoS botnet coded in C++ which is perfect for infecting and herding Windows machines. This botnet has advanced DDoS tactics that will take down web servers, gaming servers, VoIP servers and home connections
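The detection phase described above can be sketched as follows. This is an added example, not code from the original essay: it scores a sequence with the forward pass of an explicit-duration HsMM in log space, derives the two confidence intervals from training ALL values, and classifies. The model parameters, the training sequences, the quantisation of SNMP-MIB counters into symbols 0/1, the use of a single model for both profiles, and the interval definition (mean ± 1.96 standard deviations) are all assumptions made for illustration.

```python
import math
from statistics import mean, stdev

def logsumexp(xs):
    m = max(xs)
    return m if m == -math.inf else m + math.log(sum(math.exp(x - m) for x in xs))

def lg(p):
    return math.log(p) if p > 0 else -math.inf

def hsmm_all(obs, pi, A, B, D):
    """Average log likelihood (ALL) of obs under an explicit-duration HsMM.
    pi: initial, A: transitions (no self-loops), B: emissions, D[j][d-1]: P(run of d)."""
    n, T, dmax = len(pi), len(obs), len(D[0])
    # alpha[t][j] = log P(o_1..o_t, a run of state j ends exactly at step t)
    alpha = [[-math.inf] * n for _ in range(T + 1)]
    for t in range(1, T + 1):
        for j in range(n):
            terms, emit = [], 0.0
            for d in range(1, min(dmax, t) + 1):
                emit += lg(B[j][obs[t - d]])      # extend the run one step back
                enter = lg(pi[j]) if d == t else logsumexp(
                    [alpha[t - d][i] + lg(A[i][j]) for i in range(n)])
                terms.append(enter + lg(D[j][d - 1]) + emit)
            alpha[t][j] = logsumexp(terms)
    return logsumexp(alpha[T]) / T

def interval(values, z=1.96):
    """Assumed interval: mean +/- z standard deviations of the training ALLs."""
    m, s = mean(values), stdev(values)
    return (m - z * s, m + z * s)

def classify(all_value, normal_ci, bot_ci):
    if normal_ci[0] <= all_value <= normal_ci[1]:
        return "normal"
    if bot_ci[0] <= all_value <= bot_ci[1]:
        return "botnet"
    return "unknown"

# Constructed model and data: state 0 = quiet (long runs), state 1 = burst (short
# runs); symbols are quantised counter deltas (0 = low, 1 = high).
MODEL = dict(pi=[0.5, 0.5], A=[[0, 1], [1, 0]],
             B=[[0.95, 0.05], [0.05, 0.95]],
             D=[[0.1, 0.2, 0.7], [0.8, 0.1, 0.1]])
NORMAL_TRAIN = [[0, 0, 0, 1, 0, 0, 0, 1], [1, 0, 0, 0, 1, 0, 0, 0], [0, 0, 0, 1] * 3]
BOT_TRAIN = [[1] * 8, [1] * 10, [1] * 12]
NORMAL_CI = interval([hsmm_all(s, **MODEL) for s in NORMAL_TRAIN])
BOT_CI = interval([hsmm_all(s, **MODEL) for s in BOT_TRAIN])

def detect(obs):
    return classify(hsmm_all(obs, **MODEL), NORMAL_CI, BOT_CI)
```

A sequence whose ALL falls in neither interval is reported as "unknown" rather than forced into one of the two profiles.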