The Honeynet Project: Trapping the Hackers
IEEE Security and Privacy
IEEE Security and Privacy
Bot Software Spreads, Causes New Worries
IEEE Distributed Systems Online
Honeypot-Aware Advanced Botnet Construction and Maintenance
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
A multifaceted approach to understanding the botnet phenomenon
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Botnet Detection: Countering the Largest Security Threat (Advances in Information Security)
Botnet Detection: Countering the Largest Security Threat (Advances in Information Security)
The Zombie roundup: understanding, detecting, and disrupting botnets
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Revealing botnet membership using DNSBL counter-intelligence
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Peering through the shroud: the effect of edge opacity on ip-based client identification
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
The nepenthes platform: an efficient approach to collect malware
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Fishing for phishes: applying capture-recapture methods to estimate phishing populations
Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Characterizing botnets from email spam records
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Peeking into spammer behavior from a unique vantage point
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
The heisenbot uncertainty problem: challenges in separating bots from chaff
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Measurement and Analysis of Autonomous Spreading Malware in a University Environment
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
FluXOR: Detecting and Monitoring Fast-Flux Service Networks
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
To catch a predator: a natural language approach for eliciting malicious payloads
SS'08 Proceedings of the 17th conference on Security symposium
Hardening Botnet by a Rational Botmaster
Information Security and Cryptology
Geolocalization of proxied services and its application to fast-flux hidden servers
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Your botnet is my botnet: analysis of a botnet takeover
Proceedings of the 16th ACM conference on Computer and communications security
ACM Transactions on Computer Systems (TOCS)
Honeypot detection in advanced botnet attacks
International Journal of Information and Computer Security
Peeking through the cloud: DNS-based estimation and its applications
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
JUST-google: a search engine-based defense against botnet-based DDoS attacks
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Peeking Through the Cloud: Client Density Estimation via DNS Cache Probing
ACM Transactions on Internet Technology (TOIT)
Fighting spam on the sender side: a lightweight approach
EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
Collaborative, privacy-preserving data aggregation at scale
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Evaluating Bluetooth as a medium for botnet command and control
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
A probabilistic population study of the Conficker-C botnet
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
Filtering spam from bad neighborhoods
International Journal of Network Management
Challenges in experimenting with botnet detection systems
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
RatBot: anti-enumeration peer-to-peer botnets
ISC'11 Proceedings of the 14th international conference on Information security
Cross-Analysis of botnet victims: new insights and implications
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Auto-learning of SMTP TCP transport-layer features for spam and abusive message detection
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
So you want to take over a botnet
LEET'12 Proceedings of the 5th USENIX conference on Large-Scale Exploits and Emergent Threats
Privacy-preserving social plugins
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Ensemble-based DDoS detection and mitigation model
Proceedings of the Fifth International Conference on Security of Information and Networks
Estimating the number of hosts corresponding to an address while preserving anonymity
NSS'12 Proceedings of the 6th international conference on Network and System Security
Computer Networks: The International Journal of Computer and Telecommunications Networking
The SIC botnet lifecycle model: A step beyond traditional epidemiological models
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dissecting SpyEye - Understanding the design of third generation botnets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Survey and taxonomy of botnet research through life-cycle
ACM Computing Surveys (CSUR)
Modeling and evaluating of typical advanced peer-to-peer botnet
Performance Evaluation
Estimating the number of hosts corresponding to an intrusion alert while preserving privacy
Journal of Computer and System Sciences
| Hi-index | 0.00 |
As if fueled by its own fire, curiosity and speculation regarding botnet sizes abounds. Among researchers, in the press, and in the classroom--the questions regarding the widespread effect of botnets seem never-ending: what are they? how many are there? what are they used for? Yet, time and time again, one lingering question remains: how big are today's botnets? We hear widely diverging answers. In fact, some may argue, contradictory. The root cause for this confusion is that the term botnet size is currently poorly defined. We elucidate this issue by presenting different metrics for counting botnet membership and show that they lead to widely different size estimates for a large number of botnets we tracked. In particular, we show how several issues, including cloning, temporary migration, and hidden structures significantly increase the difficulty of determining botnet size with any accuracy. Taken as a whole, this paper calls into question speculations about botnet size, and more so, questions whether size really matters.