Botnet Detection and Mitigation
Dr. Aggelos Kiayias
University of Connecticut
Storrs, CT, 6269 -2155
Nonprofit college or university
This Phase II effort will develop a functional prototype of DMnet, a distributed botnet detection and mitigation system. Our Team will develop and integrate state-of-the-art research in ontology, data fusion, data mining, and data warehousing into DMnet nodes. These nodes will be distributed throughout a network and will work together in a trusted grid to provide increased cyber awareness for botnet detection and mitigation. This system will be sensor-neutral facilitating the integration of current and emerging sensor technology. The prototype will incorporate multiple algorithms for classification and correlation, a unique ontology, and an innovative user interface. We will create a threat management mechanism to evaluate collected events, provide for mitigation, and will develop recommended operating policies and procedures for DMnet users. Commercial Application. Current network prevention, intrusion detection, and prevention applications tend to be single scope rather than integrated. DMnet represents a convergence technology that will integrate security operations into a single system to minimize losses from the distributed threat of botnets. This technology is immediately applicable to federal Government cyber security efforts, large network operations, ISPs, and security management solution providers.
* information listed above is at the time of submission.