Researchers at Texas A&M University say they have a new method for finding domain-fluxing botnets, which evade detection by constantly alternating domain names.
Dr. Narasimha Reddy, who works in the University's Department of Electrical and Computer Engineering, collaborated with student Sandeep Yadav and Ashwath Reddy, as well as with Supranamaya "Soups" Ranjan with Narus, to develop the new method. It can be used to detect botnets like Conficker, Kraken and Torpig, which use the so-called DNS domain-fluxing for their command and control infrastructure.
New tool detects malicious websites before they cause harm