BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Memento EPFL//
BEGIN:VEVENT
SUMMARY:Botgrep: Detecting botnets via structured graph analysis  
DTSTART:20110622T141500
DTSTAMP:20260407T105910Z
UID:aba708bd5004bd25bb992ec4699dc14d265f25c92aa1984ba84c30e1
CATEGORIES:Conferences - Seminars
DESCRIPTION:Prof. Shishir Nagaraja\, Indraprastha Institute of Information
  Technology\, Delhi (IIIT-D)\nIn this talk I shall first highlight the imp
 act of surveillance botnet attacks and discuss the high level design of su
 ch botnets using a real-world attack as a case study. We will discuss the 
 reasons behind their spectacular successes despite their centralized desig
 n -- a fundamental weakness that limits their scalability and robustness. 
 Botnets designed primarily as vehicles for economic crime reached these li
 mits a while back. As a consequence\, they moved to more decentralized des
 igns based on the use of structured overlay topologies. While this has all
 owed them to scale in vast numbers\, it can also be used as a point of det
 ection. In the second part of the talk\, I shall present techniques (O(nlo
 gn)) to localize botnet members based on the unique communication patterns
  arising from their overlay topologies used for command and control. Exper
 imental results on synthetic topologies embedded within Internet traffic t
 races from an ISP's backbone network indicate that our techniques (i) can 
 localize the majority of bots with low false positive rate\, and (ii) are 
 resilient to the partial visibility arising from partial deployment of mon
 itoring systems\, and measurement inaccuracies arising from partial visibi
 lity and dynamics of background traffic. \n Prof. Nagaraja's homepage
LOCATION:BC 01 https://plan.epfl.ch/?room==BC%2001
STATUS:CONFIRMED
END:VEVENT
END:VCALENDAR