Abstract

NoBot is a novel malware detection system that employs packet classification and distinct counting techniques to achieve reliable detection and identification of malware by observing the traffic to and from a network-connected host. The solution is designed to be economically incorporated into endpoint devices, such as Ethernet switches, Gigabit passive optical network (GPON) devices, and digital subscriber line access multiplexers (DSLAMs), leveraging the integral features of the hosting device, such as packet classification, packet counting, and packet forwarding, together with the computing resources of the control processor. NoBot combines these features with deep packet inspection and distinct counting to detect the presence of malware with a low rate of false positive detections. The NoBot software has been incorporated into a Linux device driver, installed on an Android-based smartphone, and implemented as a preprocessor module for the open-source Snort intrusion detection and prevention system (IDS/IPS).
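To illustrate how packet classification and distinct counting fit together in fixed memory, here is an added example; it is not NoBot's code and not taken from the paper. The classification rule (TCP SYNs only), the counted key (destination address), the bitmap size, the alert threshold and all struct and function names are assumptions chosen for the sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BITMAP_BITS 1024u      /* 128 bytes of state per monitored host */
#define ALERT_THRESHOLD 64u    /* assumed policy value, not from the paper */

/* Hypothetical parsed-packet summary; field names are assumptions. */
struct pkt { uint32_t dst_ip; uint8_t proto; uint8_t tcp_syn; };
struct host_counter { uint8_t bits[BITMAP_BITS / 8]; };

/* Classification (assumed rule): count only TCP connection attempts. */
static int classify(const struct pkt *p) { return p->proto == 6 && p->tcp_syn; }

/* murmur3 32-bit finalizer, used to spread addresses over the bitmap. */
static uint32_t mix32(uint32_t x) {
    x ^= x >> 16; x *= 0x85ebca6bu;
    x ^= x >> 13; x *= 0xc2b2ae35u;
    return x ^ (x >> 16);
}

static void counter_observe(struct host_counter *c, const struct pkt *p) {
    if (!classify(p)) return;
    uint32_t h = mix32(p->dst_ip) % BITMAP_BITS;
    c->bits[h / 8] |= (uint8_t)(1u << (h % 8));
}

/* Set bits never exceed the true number of distinct destinations,
 * so repeated packets to the same address cannot inflate the count. */
static unsigned counter_distinct(const struct host_counter *c) {
    unsigned n = 0;
    for (unsigned i = 0; i < BITMAP_BITS; i++)
        n += (c->bits[i / 8] >> (i % 8)) & 1u;
    return n;
}

static int host_is_suspect(const struct host_counter *c) {
    return counter_distinct(c) >= ALERT_THRESHOLD;
}

/* Constructed traffic: `pkts` SYNs cycling over `dests` addresses in 10.0.0.0/8. */
static unsigned simulate(struct host_counter *c, unsigned pkts, unsigned dests) {
    memset(c, 0, sizeof *c);
    for (unsigned i = 0; i < pkts; i++) {
        struct pkt p = { 0x0A000001u + (i % dests), 6, 1 };
        counter_observe(c, &p);
    }
    return counter_distinct(c);
}

int main(void) {
    struct host_counter c;
    printf("3 destinations, 1000 packets: %u\n", simulate(&c, 1000, 3));
    printf("500 destinations, 500 packets: %u\n", simulate(&c, 500, 500));
    return 0;
}
```

A plain packet counter would rate the 1000-packet host as the busier one; the distinct count separates a chatty host with few peers from one fanning out to many addresses.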
