
Botnets: Lifecycle and Taxonomy. Article, May 2011. DOI: 10.1109/SAR-SSI.2011.5931395

Botnets: Lifecycle and Taxonomy

Nabil Hachem*, Yosra Ben Mustapha*, Gustavo Gonzalez Granadillo* and Herve Debar*

* Institut TELECOM, Telecom SudParis, CNRS Samovar UMR 5157, Evry, France
Email: {nabil.hachem, yosra.ben_mustapha, gustavo.gonzalez_granadillo, herve.debar}@it-sudparis.eu

Abstract—Botnets constitute the new threat of the Internet, yet they are little known to the ‘general public’. Botnets are networks of infected computers, which are headed by a pirate also called ‘Attacker’ or ‘Master’. Botnets are nowadays mainly responsible for large-scale coordinated attacks. The attacker can ask the infected computers, called ‘Agents’ or ‘Zombies’, to perform all sorts of tasks for him, like sending spam, performing DDoS attacks, running phishing campaigns, delivering malware, or leasing or selling their botnets to other fraudsters anywhere. In this paper we present a classification that reflects the life cycle and current resilience techniques of botnets, distinguishing the propagation, the injection, the control and the attack phases. Then we study the effectiveness of the adopted taxonomy by applying it to existing botnets to study their main characteristics. We conclude with the upcoming steps in our research.

I. Introduction

A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are most of the time unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie - in effect, a computer ‘robot’ or ‘bot’ that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. At a certain time, the zombie army ‘controller’ can unleash the effects of the army by sending a single command, possibly from an Internet Relay Chat (IRC) site or via an HTTP server.

The computers that form a botnet can be programmed to redirect transmissions to a specific computer, such as a web site that can be closed down by having to handle too much traffic - a distributed denial-of-service (DDoS) attack - or, in the case of spam distribution, to many computers. The motivation for a zombie master who creates a DDoS attack may be to cripple a competitor.