Botnets: Measurement, Detection, Disinfection and Defence

As per www.h-online.com online article, The European Network and Information Security Agency (ENISA) has released a report on the methods for detecting, measuring and fighting botnets. Entitled “Botnets: Measurement, Detection, Disinfection and Defence” (PDF), the report describes various methods in the individual disciplines; among its findings is that the size of a botnet isn’t a measure of the threat it represents.

Individual risks need to be evaluated for different groups of stakeholders, for instance in terms of a botnet’s damage potential for an individual group, said the report. The detection of botnets is generally said to be difficult because, as an example, bots behind a gateway in a corporate network may only appear as a single IP address.

In its report, ENISA also makes recommendations on what needs to change on an organisational and policy level, beyond the mostly already solved technical issues, in order to enhance the capabilities for combating botnets. For example, ENISA said that ISPs should be given financial incentives for supporting their customers in the fight against malware. Another recommendation is to tackle the value-creation schemes of botnet operators to minimise the profitability of their botnets.

The successful mitigation of botnets is also reportedly hindered by unclear or inconsistent legislation across Europe. For instance, there is apparently no unified ruling on whether an IP address is to be treated as personal data. The exchange of information among EU member states should also be improved, said the report.

If the above link does not work, please click here to access ENISA’s web page to download the report

I advice everyone to read this report, it is a great source of information for all people who’d like to educate themselves on Botnet threats.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: