Code and Data‎ > ‎

FluxBuster

FluxBuster is a system for detecting live fast-flux networks via passive DNS traffic analysis. It is based on ISC's Security Information Exchange data sharing project (later acquired by a company).
  • A detailed description of the system can be found in 
    • Roberto Perdisci, Igino Corona, Giorgio Giacinto. "Early Detection of Malicious Flux Networks via Large-Scale Passive DNS Traffic Analysis." IEEE Transactions on Dependable and Secure Computing, 9(5), Sept.-Oct. 2012, pp. 714-726. [pdf]

  • The source code can be found at https://github.com/perdisci/fluxbuster