Tracking botnets on Nation Research and Education Network

Burke, Ivan DHerbert, A2020-09-072020-09-072020-06Burke, I.D. and Herbert, A. 2020. Tracking botnets on Nation Research and Education Network. Proceedings of the 19th European Conference on Cyber Warfare and Security, A Virtual Conference Hosted By The University of Chester, United Kingdom, 25-26 June 2020, 10pphttps://www.academic-bookshop.com/ourshop/cat_1643278-2020-Conferences.htmlhttps://www.academic-conferences.org/conferences/eccws/eccws-programme/https://www.amazon.co.uk/Proceedings-European-Conference-Warfare-Security/dp/191276461Xhttp://hdl.handle.net/10204/11569Copyright: 2020 Academic Conferences International (ACI). This is the fulltext version of the work.The South African National Research and Education Network (SANREN) proves network connectivity and services to all tertiary education networks and research councils within South Africa. The NREN forms part of South Africa’s national integrated cyber infrastructure, as such, it is a potential target for cyber-attacks. Due to the large volume of traffic and decentralised nature of the SA NREN, monitoring, reporting and mitigating cyber-attacks is a complex problem. The NREN Cyber Incident Response Team (CSIRT) uses network flow data to identify early indicators of cyber-attacks. In this paper the focus will be on the mechanisms used to identify malicious botnet traffic using network flow analysis.enNetwork flow analysisNation Research and Education NetworkNRENBotnet detectionCyber threat detectionNetwork traffic analysisSouth African National Research and Education NetworkSANRENTracking botnets on Nation Research and Education NetworkConference PresentationBurke, I. D., & Herbert, A. (2020). Tracking botnets on Nation Research and Education Network. Academic Conferences International (ACI). http://hdl.handle.net/10204/11569Burke, Ivan D, and A Herbert. "Tracking botnets on Nation Research and Education Network." (2020): http://hdl.handle.net/10204/11569Burke ID, Herbert A, Tracking botnets on Nation Research and Education Network; Academic Conferences International (ACI); 2020. http://hdl.handle.net/10204/11569 .TY - Conference Presentation AU - Burke, Ivan D AU - Herbert, A AB - The South African National Research and Education Network (SANREN) proves network connectivity and services to all tertiary education networks and research councils within South Africa. The NREN forms part of South Africa’s national integrated cyber infrastructure, as such, it is a potential target for cyber-attacks. Due to the large volume of traffic and decentralised nature of the SA NREN, monitoring, reporting and mitigating cyber-attacks is a complex problem. The NREN Cyber Incident Response Team (CSIRT) uses network flow data to identify early indicators of cyber-attacks. In this paper the focus will be on the mechanisms used to identify malicious botnet traffic using network flow analysis. DA - 2020-06 DB - ResearchSpace DP - CSIR KW - Network flow analysis KW - Nation Research and Education Network KW - NREN KW - Botnet detection KW - Cyber threat detection KW - Network traffic analysis KW - South African National Research and Education Network KW - SANREN LK - https://researchspace.csir.co.za PY - 2020 T1 - Tracking botnets on Nation Research and Education Network TI - Tracking botnets on Nation Research and Education Network UR - http://hdl.handle.net/10204/11569 ER -