SkyNET: a 3G-enabled mobile attack drone and stealth botmaster
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Titans' revenge: Detecting Zeus via its own flaws
Computer Networks: The International Journal of Computer and Telecommunications Networking
Analyzing and defending against web-based malware
ACM Computing Surveys (CSUR)
Hi-index | 0.00 |
Botnets have become one of the most prevailing threats to today’s Internet partly due to the underlying economic incentives of operating one. Botnet toolkits sold by their authors allow any layman to generate his/her own customized botnet and become a botmaster; botnet services sold by botmasters allow any criminal to steal identities and credit card information; finally, such stolen credentials are sold to end-users to make unauthorized transactions. Many existing botnet countermeasures meet inherent difficulties when they choose to target the botmasters or authors of toolkits, because those at the highest levels of this food chain are also the most technology-savvy and elusive. In this paper, we propose a different, bottom-up approach. That is, we defame botnet toolkits through discouraging or prosecuting the end-users of the stolen credentials. To make the concept concrete, we present a case study of applying the approach to a popular botnet toolkit, Zeus, with two methodologies, namely, reverse engineering and behavioural analysis.