A first step towards characterizing stealthy botnets

Proceedings - International Conference on Availability, Reliability and Security, ARES 2009

Volumn , Issue , 2009, Pages 106-113

  Leonard, Justin ^a   Xu, Shouhuai ^a   Sandhu, Ravi ^a  

^a One UTSA Circle   (United States)

Author keywords

Botnet C C; Botnet characteristics; Botnet modeling; Botnet stealth management; Stealthy botnets

Indexed keywords

BOTNET CHARACTERISTICS; BOTNET MODELING; BOTNET STEALTH MANAGEMENT; BOTNETS; COMMAND AND CONTROL; CYBER THREATS; DETECTION MECHANISM; STEALTH TECHNIQUE; STEALTHY BOTNETS;

EID: 70349706233     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2009.63     Document Type: Conference Paper

References (24)

1. P. Bacher, T. Holz, M. Kotter, and G. Wicherski. Know your enemy: Tracking botnets. http://www.honeynet.org/papers/ bots/, dated on 13 March 2005.
2. P. Barford and V. Yegneswaran. An inside look at botnets. In Proc. Special Workshop on Malware Detection, Advances in Information Security, 2006.
3. E. Cooke, F. Jahanian, and D. McPherson. The zombie roundup: Understanding, detecting, and disrupting botnets. In SRUTI'05.
4. D. Dagon, G. Gu, C. Lee, and W. Lee. A taxonomy of botnet structures. In ACSAC'07, 2007.
5. D. Dagon, C. Zou, and W. Lee. Modeling botnet propagation using time zones. In Proc. NDSS'06, 2006.
6. F. Freiling, T. Holz, and G. Wicherski. Botnet tracking: Exploring a root-cause methodology to prevent denial-ofservice attaks. In ESORICS'05.
7. J. Goebel and T. Holz. Rishi: Identify bot contaminated hosts by irc nickname evaluation. In First Workshop on Hot Topics in Understanding Botnets, 2007.
8. G. Gu, R. Perdisci, J. Zhang, and W. Lee. BotMiner: Clusteringanalysis of network traffic for protocol- and structureindependent botnet detection. In USENIX Security'08.
9. G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee. Bothunter: Detecting malware infection through ids-driven dialog correlation. In USENIX Security'07.
10. G. Gu, J. Zhang, and W. Lee. Botsniffer: Detecting botnet command and control channels in network traffic. In NDSS'08.
11. C. Kanich, K. Levchenko, B. Enright, G. Voelker, and S. Savage. The heisenbot uncertainty problem: Challenges in separating bots from chaff. In LEET'08.
12. A. Karasaridis, B. Rexroad, and D. Hoeflin. Wide-scale botnet detection and characterization. HotBot'07.
13. C. Livadas, R. Walsh, D. Lapsley, and W. Strayer. Using machine learning techniques to identify botnet traffic. In WNS'06.
14. Trend Micro. Taxonomy of botnet threats (white paper), November 2006.
15. M. Rajab, J. Zarfoss, F. Monrose, and A. Terzis. A multifaceted approach to understanding the botnet phenomenon. In IMC'06.
16. A. Ramachandran, N. Feamster, and D. Dagon. Revealing botnet membership using dnsbl counter-intelligence. InSRUTI'06.
17. A. Ramachandran, S. Seetharaman, N. Feamster, and A. Lakhina. Monitoring stealthy network conversations with sampled traffic. Georgia Tech Technical Report, 2006.
18. E. Stinson and J. Mitchell. Characterizing bots' remote ontrol behavior. In DIMVA'07.
19. W. Strayer, D. Lapsley, R. Walsh, and C. Livadas. Botnet Detection: Countering the Largest Security Threat, In Advances in Information Security, 2008.
20. W. Strayer, R. Walsh, C. Livadas, and D. Lapsley. Detecting Botnets with Tight Command and Control. In LCN'06.
21. R. Vogt, J. Aycock, and M. Jacobson. Army of botnets. In NDSS'07.
22. T. Yen and M. Reiter. Traffic aggregation for malware detection. In DIMVA'08.
23. L. Zhuang, J. Dunagan, D. Simon, H. Wang, I. Osipkov, G. Hulten, and J. Tygar. Characterizing botnets from email spam records. In LEET'08.
24. C. Zou and R. Cunningham. Honeypot-aware advanced botnet construction and maintenance. DSN'06.