FlowTraq > Botnet and Anomaly Detection

Botnet and Anomaly Detection

Monitor changes in network behavior for malicious botnets and network threats.

Unusual network behavior patterns often indicate botnets, rogue servers, unauthorized clients, or other network threats. Anomalies and changes in network behavior can be detected by FlowTraq.

After carefully learning the typical patterns on your network, FlowTraq reveals any new connections that do not fit the normal communication pattern on your network.

Network Behavior Intelligence Toolkit

FlowTraq offers a suite of network behavioral anomaly detection tools known as Network Behavioral Intelligence (NBI) Toolkit. The Toolkit consists of a number of configurable, purpose-built detectors that connect to a FlowTraq Server, detect certain kinds of behaviors, and log detected behaviors to syslog.  NBI can be used for botnet and anomaly detection.

How it Works

Using intelligent machine learning algorithms, FlowTraq pinpoints which traffic sessions on the network are unusual, interesting, or potentially malicious. The tools in the Toolkit study your traffic and generate a behavioral fingerprint of your network, which they then use to decide if communications are potentially anomalous.

Do you have questions about FlowTraq botnet and anomaly detection? Contact our technical team today.

Botnet Characterization

Botnets are large collections of computers, called zombies, controlled by a bot master, a hacker who can use his botnet to perform attacks at any time. He builds his botnet using worms, viruses, and phishing emails, all of which turn systems on your network into zombies he can control from a central location.

Bots may infect vulnerable machines on your network with spam, viruses and spyware. After taking over a computer, bots may steal corporate and personal information, sending it back to servers accessible by the malicious user. Bots may compromise intellectual property, corporate trade secrets, credit card numbers, banking credentials, and personal identity information.

FlowTraq Detects Command and Control Channels

Botnets spend most of their time dormant, however, and to keep them ready at a moments’ notice, hackers maintain low volume connections called command and control (C2) channels. Although these channels are low in volume, they are long in duration, which is a behavior FlowTraq can easily detect.

FlowTraq can help you defend your network from these threats and more.

Schedule a Personalized Demo Today.