A Botnet-Oriented Collaborative Defense Scheme Description Language

“…Other researchers and corporations can contribute to the system with modules to improve upon BotFlex. In other community-driven approaches, Reference [213] proposes the use of a botnet defence description language to describe the tasks and information sharing primitives between devices handling botnet defence. Some community-driven efforts attempt to detect and prevent botnets by providing databases with known spam bots such as the The Spamhaus Project [218] and IBM X-Force exchange [219], where IT researchers can report suspected IP addresses and see a list of IP addresses along with a % indicator of how likely the IP is used for C&C. Furthermore Structured Threat Information eXpression (STIX) is used for exchanging cyber threat intelligence (CTI) as described in [220].…”

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

“…Other researchers and corporations can contribute to the system with modules to improve upon BotFlex. In other community-driven approaches, Reference [213] proposes the use of a botnet defence description language to describe the tasks and information sharing primitives between devices handling botnet defence. Some community-driven efforts attempt to detect and prevent botnets by providing databases with known spam bots such as the The Spamhaus Project [218] and IBM X-Force exchange [219], where IT researchers can report suspected IP addresses and see a list of IP addresses along with a % indicator of how likely the IP is used for C&C. Furthermore Structured Threat Information eXpression (STIX) is used for exchanging cyber threat intelligence (CTI) as described in [220].…”

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends