Early-Warning System for Botnets
This project was initiated by Dr. Alexander K. Seewald and was conducted at the Research Lab Computational Technologies and Applications of the faculty for computer science of the University of Vienna under the leadership of Dr. Wilfried Gansterer.
Previous research initiatives have focused on recognizing and defending against unwanted or potentially harmful e-mail messages (referred to here, for simplicity, as spam). Within this project we focus on an important complementary area: the proactive identification and early recognition of the source of spam.
Most of today's spam is sent from large networks of compromised computers belonging to innocent users, which spammers have infected with malware (so-called botnets). The aim is an early-warning system for botnets to secure the Austrian internet.
Visualisation of Botnet activity from 2009/05/27 (sped up)
Different colors show access by different spam bots.
Background: Visible Earth (NASA), IP location by IP Address Location
Spambot training data provided by Marshal Trace.
This project was funded by Internet Privatstiftung Austria as NetIdee project 2007.
This project has ended.
Research project: Botnet-Tracker, awarded by Elsevier Computers & Security Journal.
A.K.Seewald (2009) Detection and Identification of BotNets, Talk at the RIPE 58 Meeting, Amsterdam, 2009.
Seewald A.K., Gansterer W.N.: On the Detection and Identification of Botnets. Computers and Security, Volume 29, Issue 1, February 2010, Pages 45-58.
Seewald A.K.: Towards Automating Malware Classification and Characterization. In Konferenzband der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik (German-language proceedings), Saarbrücken, April 2008, pp. 291-302.