CyberProbe: Towards Internet-Scale Active Detection of Malicious Servers presented at NDSS 2014

by Guofei Gu, Juan Caballero, M. zubair Rafique, Antonio Nappa, Zhaoyan Xu,

Summary : CyberProbe implements a novel active probing approach for detecting malicious servers and compromised hosts that listen for network requests. It sends probes to remote hosts and examines their responses, determining whether they are malicious. CyberProbe has identified 151 malicious servers and 7,881 P2P bots through 24 localized and Internet-wide scans.