So you want to take over a botnet...

5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, LEET 2012: Botnets, Spyware, Worms, New Emerging Threats, and More

Volumn , Issue , 2012, Pages

  Dittrich, David ^a  

^a UNIVERSITY OF WASHINGTON   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPETITION; COMPUTER VIRUSES; CRIME; DENIAL-OF-SERVICE ATTACK; DISTRIBUTED COMPUTER SYSTEMS; INDUSTRIAL RESEARCH; NETWORK SECURITY; REVERSE ENGINEERING;

COMPETITIVE ADVANTAGE; DISTRIBUTED ATTACK; EXFILTRATION; FINANCIAL INFORMATION; INDUSTRIAL ESPIONAGE; PROPRIETARY INFORMATION; RESEARCH COMMUNITIES; UNINTENDED CONSEQUENCES;

BOTNET;

EID: 85084096031     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (44)

1. “The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research” (“Menlo Report”) for the Department of Homeland Security (DHS), Science and Technology, Cyber Security Division (CSD), December 2011. Docket No. DHS–2011–0074.
2. ADAIR, S. New Fast Flux Botnet for the Holidays: Could it be Storm Worm 3.0/Waledac 2.0?, December 2010.
3. ANSELMI, D., BOSCOVICH, R., CAMPANA, T., DOERR, S., LAURICELLA, M., PETROVSKY, O., SAADE, T., AND STEWART, H. Battling the Rustock Threat, June 2011. Microsoft Security Intelligence Report Special Edition.
4. BOLDEWIN, F. A Journey to the Center of the Rustock.B Rootkit, January 2007.
5. BORUP, L. T. Peer-to-peer botnets: A case study on Waledac. Master’s thesis, Technical University of Denmark, 2009.
6. BOSCOVICH, R. D. Microsoft Neutralizes Kelihos Botnet, Names Defendant in Case, September 2011.
7. CHECHIK, D. Bredolab Trojan – Malware Review, December 2010.
8. CHIANG, K., AND LLOYD, L. A case study of the rustock rootkit and spam bot. In HotBots’07: Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets (Berkeley, CA, USA, 2007), USENIX Association, pp. 10–10.
9. CHO, C. Y., CABALLERO, J., GRIER, C., PAXSON, V., AND SONG, D. Insights from the Inside: A View of Botnet Management from Infiltration. In LEET’10: Third USENIX Workshop on Large-Scale Exploits and Emergent Threats (April 2010).
10. CORRONS, L. Mariposa botnet, March 2010.
11. DECKER, A., SANCHO, D., KHAROUNI, L., GONCHAROV, M., AND MCARDLE, R. A study of the Pushdo / Cutwail Botnet, May 2009.
12. DELLAERA, A. Low-interaction honeyclient Thug released! https://www.honeynet.org/node/827.
13. DITTRICH, D., AND DIETRICH, S. Command and control structures in malware: From Handler/Agent to P2P. In USENIX;login: vol. 32, no. 6 (December 2007).
14. DITTRICH, D., AND HIMMA, K. E. Active Response to Computer Intrusions. Chapter 182 in Vol. III, Handbook of Information Security, 2005. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=790585.
15. DITTRICH, D., LEDER, F., AND WERNER, T. A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets. In Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security (2010), FC’10, Springer-Verlag, pp. 216–230.
16. GRIER, C. Anti-virus labels are not suitable for system evaluation. http://www.imchris.org/wp/2011/09/02/, September 2011.
17. JEKIL. MAEC second round: support completed. http://blog.cuckoobox.org/2012/01/31/maec-second-round-support-completed/.
18. KADIEV, A. End of the Line for the Bredolab Botnet?, December 2010.
19. KIRILLOV, I. A., CHASE, M. P., BECK, D. A., AND MARTIN, R. A. The Concepts of the Malware Attribute Enumeration and Characterization (MAEC) Effort. http://maec.mitre.org/about/docs/The_MAEC_Concept.pdf, 2010.
20. KIRK, J. Dutch team up with Armenia for Bredolab botnet take down, October 2010.
21. LEDER, F., AND WERNER, T. Know Your Enemy: Containing Conficker, April 2009.
22. LEMOS, R. What it takes to shut down a botnet. http://www.infoworld.com/t/anti-spam/what-it-takes-shut-down-botnet-903, August 2010.
23. MCMILLAN, R. Spanish Police Take Down Massive Mariposa Botnet, March 2010.
24. MICROSOFT NEWS CENTER. Cracking Down on Botnets, March 2010.
25. MILLS, E. BBC buys, uses botnet to show dangers to PCs, March 2009. http://news.cnet.com/8301-1009_3-10195550-83.html.
26. MOORE, T., AND CLAYTON, R. Ethical Dilemmas in Takedown Research. In Financial Cryptography and Data Security, vol. LNCS 7126 of Lecture Notes in Computer Science. Springer-Verlag, 2012.
27. MUSHTAQ, A. Harnig is Back, August 2011.
28. PORRAS, P., SAIDI, H., AND YEGNESWARAN, V. Conficker C P2P Protocol and Implementation, September 2009.
29. RAJAB, M. A., ZARFOSS, J., MONROSE, F., AND TERZIS, A. My botnet is bigger than yours (maybe, better than yours): why size estimates remain challenging. In Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets (2007), USENIX Association, pp. 5–5.
30. RASHID, F. Y. Harnig Malware Botnet Also Shut Down After Rustock Raid, April 2011.
31. SEVERAL. Results of the Distributed-Systems Intruder Tools Workshop. CERT/CC, December 1999.
32. SEVERAL. Conficker Working Group: Lessons Learned, June 2010.
33. SHIELS, M. Trojan virus steals banking info, October 2008.
34. SINCLAIR, G., NUNNERY, C., AND KANG, B. B. The Waledac Protocol: The How and Why. In Proceedings of the 4th International Conference on Malicious and Unwanted Software (MAL-WARE) 2009 (February 2010), pp. 69–77.
35. STEWART, J. Ozdok/Mega-D Trojan Analysis. http://www.secureworks.com/research/threats/ozdok/, February 2008.
36. STONE, B. Authorities Shut Down Major Spam Ring, October 2008.
37. STONE-GROSS, B., COVA, M., CAVALLARO, L., GILBERT, B., SZYDLOWSKI, M., KEMMERER, R., KRUEGEL, C., AND VIGNA, G. Your Botnet is My Botnet: Analysis of a Botnet Takeover. In Proceedings of the ACM CCS (November 2009).
38. STOVER, S., DITTRICH, D., HERNANDEZ, J., AND DIETRICH, S. Analysis of the Storm and Nugache Trojans: P2P is here. In USENIX;login: vol. 32, no. 6 (December 2007).
39. TENEBRO, G. Threat AnalysisW32.Waledac, 2009.
40. THE YOMIURI SHIMBUN. Govt working on defensive cyberweapon /Virus can trace, disable sources of cyberattacks. http://www.yomiuri.co.jp/dy/national/T120102002799.htm, January 2012.
41. THOMPSON, M. Mariposa Botnet Analysis. http://www.defintel.com/docs/Mariposa_Analysis.pdf, October 2009.
42. UNITED STATES DEPARTMENT OF JUSTICE. United States v. John Does 1 – 13, April 2011.
43. VAMOSI, R. Security expert talks Russian gangs, botnets, November 2008.
44. WERNER, T. Botnet Shutdown Success Story: How Kaspersky Lab Disabled the Hlux/Kelihos Botnet, September 2011.