|Description||Maintain Methods to Detect Bot/Malware Infection:
ISPs should maintain methods to detect likely malware infection of customer equipment.
Detection methods will vary widely due to a range of factors. Detection methods, tools, and processes may include but are not limited to: external feedback, observation of network conditions and traffic such as bandwidth and/or traffic pattern analysis, signatures, behavior techniques, and forensic monitoring of customers on a more detailed level.
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Intrusion Detection;|
|Reference/Comments||More information can be found at:
Note that the Best Practices in this grouping are primarily aimed at ISPs that provide service to consumer end-users on residential broadband networks, but may be applicable to other users and networks as well.