- Botnet Detection in the Core
- BITSI (Biologically Inspired Tactical Security Infrastructure)
- Defenses Against Botnet-Aided Spam over VoIP
- Botnet Activity Detection Based Upon an Analogy to the RNAi Immune System
- Intel's DDI (Distributed Detection and Inference) Research Program
Intel's DDI (Distributed Detection and Inference) Research Program
John Mark Agosta of Intel Corp. notes that “Our approach is to exploit the large number of machines on a network in a completely distributed fashion, both their combined computational resources, and their variety of sensing abilities. Our framework extends this idea to the logical extreme: We consider each end host in the enterprise to have a sensor (or Local Detector) and to communicate with each other host as a peer.” The worm, in this case, would simply observe the current traffic level, and only generate its own traffic when the network was relatively quiet.