An Analysis of the Slapper Worm
IEEE Security and Privacy
IEEE Security and Privacy
Honeypot-Aware Advanced Botnet Construction and Maintenance
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
A multifaceted approach to understanding the botnet phenomenon
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
The Zombie roundup: understanding, detecting, and disrupting botnets
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
An algorithm for anomaly-based botnet detection
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Revealing botnet membership using DNSBL counter-intelligence
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A survey and comparison of peer-to-peer overlay network schemes
IEEE Communications Surveys & Tutorials
Traffic Aggregation for Malware Detection
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
BotTracer: Execution-Based Bot-Like Malware Detection
ISC '08 Proceedings of the 11th international conference on Information Security
Overbot: a botnet protocol based on Kademlia
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Structured Peer-to-Peer Overlay Networks: Ideal Botnets Command and Control Infrastructures?
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Measurement and classification of humans and bots in internet chat
SS'08 Proceedings of the 17th conference on Security symposium
Automatic discovery of botnet communities on large-scale communication networks
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Hardening Botnet by a Rational Botmaster
Information Security and Cryptology
Studying spamming botnets using Botlab
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
P2P botnet detection using behavior clustering & statistical tests
Proceedings of the 2nd ACM workshop on Security and artificial intelligence
Botnet: classification, attacks, detection, tracing, and preventive measures
ICICIC '09 Proceedings of the 2009 Fourth International Conference on Innovative Computing, Information and Control
Honeypot detection in advanced botnet attacks
International Journal of Information and Computer Security
New detection of peer-to-peer controlled bots on the host
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet
Proceedings of the 26th Annual Computer Security Applications Conference
Honeypot trace forensics: The observation viewpoint matters
Future Generation Computer Systems
Andbot: towards advanced mobile botnets
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
AntBot: Anti-pollution peer-to-peer botnets
Computer Networks: The International Journal of Computer and Telecommunications Networking
SkyNET: a 3G-enabled mobile attack drone and stealth botmaster
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
RatBot: anti-enumeration peer-to-peer botnets
ISC'11 Proceedings of the 14th international conference on Information security
Poster: recoverable botnets: a hybrid C&C approach
Proceedings of the 18th ACM conference on Computer and communications security
Design of SMS commanded-and-controlled and P2P-structured mobile botnets
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Detecting parasite p2p botnet in eMule-like networks through quasi-periodicity recognition
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Advanced triple-channel botnets: model and implementation
Proceedings of the 2012 ACM conference on Computer and communications security
Bot detection evasion: a case study on local-host alert correlation bot detection methods
Security and Communication Networks
Simulation-based study of botnets and defense mechanisms against them
Journal of Computer and Systems Sciences International
Computer Networks: The International Journal of Computer and Telecommunications Networking
Leveraging honest users: stealth command-and-control of botnets
WOOT'13 Proceedings of the 7th USENIX conference on Offensive Technologies
Modeling and evaluating of typical advanced peer-to-peer botnet
Performance Evaluation
| Hi-index | 0.01 |
A "botnet" consists of a network of compromised computers controlled by an attacker ("botmaster"). Recently botnets have become the root cause of many Internet attacks. To be well prepared for future attacks, it is not enough to study how to detect and defend against the botnets that have appeared in the past. More importantly, we should study advanced botnet designs that could be developed by botmasters in the near future. In this paper, we present the design of an advanced hybrid peer-to-peer botnet. Compared with current botnets, the proposed botnet is harder to be shut down, monitored, and hijacked. It provides robust network connectivity, individualized encryption and control traffic dispersion, limited botnet exposure by each bot, and easy monitoring and recovery by its botmaster. Possible defenses against this advanced botnet are suggested.