Attacks on Steganographic Systems
IH '99 Proceedings of the Third International Workshop on Information Hiding
IHW '01 Proceedings of the 4th International Workshop on Information Hiding
A Steganographic Embedding Undetectable by JPEG Compatibility Steganalysis
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Hide and Seek: An Introduction to Steganography
IEEE Security and Privacy
On Estimation of Secret Message Length in JSteg-like Steganography
ICPR '04 Proceedings of the Pattern Recognition, 17th International Conference on (ICPR'04) Volume 4 - Volume 04
An algorithm for anomaly-based botnet detection
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Statistically undetectable jpeg steganography: dead ends challenges, and opportunities
Proceedings of the 9th workshop on Multimedia & security
Wide-scale botnet detection and characterization
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Rishi: identify bot contaminated hosts by IRC nickname evaluation
HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Traffic Aggregation for Malware Detection
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
SS'08 Proceedings of the 17th conference on Security symposium
Modified matrix encoding technique for minimal distortion steganography
IH'06 Proceedings of the 8th international conference on Information hiding
YASS: yet another steganographic scheme that resists blind steganalysis
IH'07 Proceedings of the 9th international conference on Information hiding
Generalised category attack: improving histogram-based attack on JPEG LSB embedding
IH'07 Proceedings of the 9th international conference on Information hiding
A foray into Conficker's logic and rendezvous points
LEET'09 Proceedings of the 2nd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Take a deep breath: a stealthy, resilient and cost-effective botnet using skype
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
BotGrep: finding P2P bots with structured graph analysis
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Category attack for LSB steganalysis of JPEG images
IWDW'06 Proceedings of the 5th international conference on Digital Watermarking
The socialbot network: when bots socialize for fame and money
Proceedings of the 27th Annual Computer Security Applications Conference
Fluxing botnet command and control channels with URL shortening services
Computer Communications
BotMosaic: Collaborative network watermark for the detection of IRC-based botnets
Journal of Systems and Software
Peri-Watchdog: Hunting for hidden botnets in the periphery of online social networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Design and analysis of a social botnet
Computer Networks: The International Journal of Computer and Telecommunications Networking
Sensing-enabled channels for hard-to-detect command and control of mobile devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Detection of StegoBot: a covert social network botnet
Proceedings of the First International Conference on Security of Internet of Things
Communications of the ACM
Hi-index | 0.02 |
We propose Stegobot, a new generation botnet that communicates over probabilistically unobservable communication channels. It is designed to spread via social malware attacks and steal information from its victims. Unlike conventional botnets, Stegobot traffic does not introduce new communication endpoints between bots. Instead, it is based on a model of covert communication over a social-network overlay - bot to botmaster communication takes place along the edges of a social network. Further, bots use image steganography to hide the presence of communication within image sharing behavior of user interaction. We show that it is possible to design such a botnet even with a less than optimal routing mechanism such as restricted flooding. We analyzed a real-world dataset of image sharing between members of an online social network. Analysis of Stegobot's network throughput indicates that stealthy as it is, it is also functionally powerful - capable of channeling fair quantities of sensitive data from its victims to the botmaster at tens of megabytes every month.