Computer Networks: The International Journal of Computer and Telecommunications Networking
Botnet malware is improving, with the latest (3rd) generation exemplified by the SpyEye and Zeus botnets. These botnets are important to understand because they target online financial transactions, primarily with banks. In this paper, we analyze the components from multiple generations of the SpyEye botnet in order to understand both how it works and how it is evolving. SpyEye is a sophisticated piece of malware with a modular design that eases the incorporation of improvements. We discuss in detail the complete framework of the SpyEye botnet, consisting of the Bot Development Kit (BDK), the plugin architecture, the backend storage server, the bot design, and the web-based Command and Control (C&C) management system. We also examine the techniques used by SpyEye to steal money.