Saif Al-Mashhadi - Academia.edu
Papers by Saif Al-Mashhadi
Botnets can simultaneously control millions of Internet-connected devices to launch damaging cyber-attacks that pose significant threats to the Internet. In a botnet, bot-masters communicate with the command and control server using various communication protocols. One of the widely used communication protocols is the ‘Domain Name System’ (DNS) service, an essential Internet service. Bot-masters utilise Domain Generation Algorithms (DGA) and fast-flux techniques to avoid static blacklists and reverse engineering while remaining flexible. However, a botnet’s DNS communication generates anomalous DNS traffic throughout the botnet life cycle, and such an anomaly is considered an indicator of the presence of DNS-based botnets in the network. Although several approaches have been proposed to detect botnets based on DNS traffic analysis, the problem still exists and is challenging for several reasons, such as not considering significant features and rules that contribute to the detection of DNS-base...
A botnet is a network of computing devices commanded by an attacker, and a daily Internet problem that causes extensive economic damage for organizations and individuals. With the aid of botnets, attackers can remotely control exploited machines and perform several malicious activities. Because it enormously increases a botnet’s survivability by evading detection, the Domain Name System (DNS) is nowadays a favourable botnet communication channel. Fortunately, many strategies have been introduced and developed to tackle the issue of botnets based on DNS resolving; this review explores the various botnet detection techniques by providing a study of detection approaches based on DNS traffic analysis. Some related topics, including the technological background, life cycle, evasion, and detection techniques of botnets, are introduced.
Intelligent and Interactive Computing
IPv6 is becoming more and more entrenched, especially as the shortage of IPv4 addresses became obvious recently. Internet Protocol version 6 (IPv6) uses the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) to assign IPv6 addresses to hosts and to provide hosts with network configuration parameters. The DHCPv6 protocol may be used to reveal host information and inject fake information into a host. Thus, the authentication and privacy of DHCPv6 messages are a vital security component in the IPv6 network. This paper proposes a new security approach to provide privacy and security for the DHCPv6 message. The proposed approach utilizes a hybrid cryptosystem and a Message Authentication Code (MAC) algorithm to provide privacy and authentication. The paper also presents the expected results for the proposed approach and future work.
Lecture Notes in Electrical Engineering
International Journal of Internet Technology and Secured Transactions
A botnet is a network of computing devices commanded by an attacker, and a daily Internet problem that causes extensive economic damage for organisations and individuals. With the aid of botnets, attackers can remotely control exploited machines and perform several malicious activities. Because it enormously increases a botnet's survivability by evading detection, the Domain Name System (DNS) is nowadays a favourable botnet communication channel. Fortunately, many strategies have been introduced and developed to tackle the issue of botnets based on DNS resolving; this review explores the various botnet detection techniques by providing a study of detection approaches based on DNS traffic analysis. Some related topics, including the technological background, lifecycle, evasion and detection techniques of botnets, are introduced.