Areej Al-Bataineh's research while affiliated with University of Texas at San Antonio and other places

Publications (4)

Conference Paper
Data stealing botnets pose a great risk to the security of networks and the privacy of their users. Most of these botnets use the web as a medium for communication, making them difficult to detect given that web traffic constitutes about 70% of Internet traffic. In addition, they use obfuscation techniques, primarily encryption, to hide their commu...
Conference Paper
In this paper we address the following questions: From a networking perspective, do malicious programs (malware, bots, viruses, etc...) behave differently from benign programs that run daily for various needs? If so, how may we exploit the differences in network behavior to detect them? To address these questions, we are systematically analyzing th...
Conference Paper
Detecting bots is becoming increasingly challenging with the sophistication of current bot technology. Most research has focused on identifying infected host machines but is unable to identify the specific bot processes on the host. This research analyzes active bot processes with emphasis on a newly identified vector of detection based on DNS acti...
Article
Although antispam measures are improving, the spam volume is increasing due to the use of Botnets. Botnets facilitate an efficient generation and guaranteed delivery of large volumes of spam. Spambots, or spam-generating bots, use different transmission methods based on the network settings of the infected host. These methods include relaying, prox...

Citations

... Al-Bataineh et al. proposed a classification algorithm to identify malicious data stealing attempts within web traffic. The classifier uses entropy and byte frequency distribution of HTTP POST request contents as features [17]. Ranjan et al. apply machine learning to predict malicious users from the legitimate users by using the traffic generated by users' browsing on the web application. ...
... Chronicle According to recent reports [40], 83.1% of Email spam was sent through botnets in March 2011 since bots are inexpensive, relatively easy to propagate and very hard to detect, remunerating their botmasters (controllers) financially. Although the subject of botnet and botnet detection has gained a lot of attention and thus, there are several surveys on botnets [12][13][14][20][21][22][23][24][25][26][27][28][29][30][31] in the literature but all of them cover the botnet problem in general, discussing different aspects like botnet phenomenon, botnet detection techniques and countermeasures. Also what was missing in these surveys is that all of these studies review only a few of all the research efforts intended only for detecting Email spamming botnets. ...
... In [24] a method is proposed which identifies Suspicious Reactions to DNS Response Behavior. These suspicious behaviors are identified by building a tree which represents DNS activity, successful or failed DNS and reverse DNS queries, and successful or failed connections to the results of those DNS queries. ...
... A novel management mechanism SMTD is proposed which is based on trust and penalty to deal with security problems in CRNs. Morales et al. [27], provided a novel effective algorithm using the kernel KMC (k-means clustering) method to be answerable for attacker detection, which not only improves the attacker detection performance but also offers processing and memory savings. ...