Semantics-Aware Malware Detection
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
A multifaceted approach to understanding the botnet phenomenon
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
The Zombie roundup: understanding, detecting, and disrupting botnets
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
An algorithm for anomaly-based botnet detection
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
P2P '07 Proceedings of the Seventh IEEE International Conference on Peer-to-Peer Computing
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
An inquiry into the nature and causes of the wealth of internet miscreants
Proceedings of the 14th ACM conference on Computer and communications security
Wide-scale botnet detection and characterization
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Rishi: identify bot contaminated hosts by IRC nickname evaluation
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
BotHunter: detecting malware infection through IDS-driven dialog correlation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
FluXOR: Detecting and Monitoring Fast-Flux Service Networks
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Traffic Aggregation for Malware Detection
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
A Layered Architecture for Detecting Malicious Behaviors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Overbot: a botnet protocol based on Kademlia
Proceedings of the 4th international conference on Security and privacy in communication netowrks
SS'08 Proceedings of the 17th conference on Security symposium
Your botnet is my botnet: analysis of a botnet takeover
Proceedings of the 16th ACM conference on Computer and communications security
Automatically generating models for botnet detection
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Walowdac - Analysis of a Peer-to-Peer Botnet
EC2ND '09 Proceedings of the 2009 European Conference on Computer Network Defense
Botnet tracking: exploring a root-cause methodology to prevent distributed denial-of-service attacks
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Improving sender anonymity in a structured overlay with imprecise routing
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
AntBot: Anti-pollution peer-to-peer botnets
Computer Networks: The International Journal of Computer and Telecommunications Networking
Stegobot: a covert social network botnet
IH'11 Proceedings of the 13th international conference on Information hiding
Design of SMS commanded-and-controlled and P2P-structured mobile botnets
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Fluxing botnet command and control channels with URL shortening services
Computer Communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
Survey and taxonomy of botnet research through life-cycle
ACM Computing Surveys (CSUR)
Leveraging honest users: stealth command-and-control of botnets
WOOT'13 Proceedings of the 7th USENIX conference on Offensive Technologies
Hi-index | 0.00 |
Skype is one of the most used P2P applications on the Internet: VoIP calls, instant messaging, SMS and other features are provided at a low cost to millions of users. Although Skype is a closed source application, an API allows developers to build custom plugins which interact over the Skype network, taking advantage of its reliability and capability to easily bypass firewalls and NAT devices. Since the protocol is completely undocumented, Skype traffic is particularly hard to analyze and to reverse engineer. We propose a novel botnet model that exploits an overlay network such as Skype to build a parasitic overlay, making it extremely difficult to track the botmaster and disrupt the botnet without damaging legitimate Skype users. While Skype is particularly valid for this purpose due to its abundance of features and its widespread installed base, ourmodel is generically applicable to distributed applications that employ overlay networks to send direct messages between nodes (e.g., peer-to-peer software with messaging capabilities). We are convinced that similar bot-netmodels are likely to appear into the wild in the near future and that the threats they pose should not be underestimated. Our contribution strives to provide the tools to correctly evaluate and understand the possible evolution and deployment of this phenomenon.