Publication

Analyzing the behavior of top spam botnets

Bibliographic details
Abstract: Botnets became the preferred platform for launching attacks and committing fraud on enterprise networks and the Internet itself. Characterizing existing Botnets will help to coordinate and develop new technologies to face this serious security threat. Several approaches can be taken to study this phenomenon: analyze its source code, which can be a hard task mainly due to license restrictions; study the control mechanism, particularly the activity of its Command and Control server(s); study its behavior, by measuring real traffic and collecting relevant statistics. In this work, we have installed some of the most popular spam Botnets, capturing the originated traffic and characterizing it in order to identify the main trends/patterns of their activity. From the intensive statistics that were collected, it was possible to conclude that there are distinct features between different Botnets that can be explored to build efficient detection methodologies.
Main authors: Silva, Rui Jorge
Other authors: Rodrigues, Nuno G.; Salvador, Paulo; Nogueira, António Manuel
Subject: Spam Botnet Statistical characterization
Year: 2012
Country: Portugal
Document type: conference paper
Access type: restricted access
Associated institution: Instituto Politécnico de Bragança
Language: English
Source: Biblioteca Digital do IPB