Analyzing And Attacking A Botnet For Fun And Profit

Posted on Posted in Lectures

Analyzing And Attacking A Botnet For Fun And Profit

Botnets, networks of compromised computers under the control of the same cybercriminal, have been the tool of choice of miscreants committing illicit actions on the Internet for the last 10 years [10, 23, 29]. Security researchers and law enforcement experts are constantly engaged in an arms race with cybercriminals, finalized to disrupt botnet operations [23, 32]. Unfortunately, this arms race is difficult to win, because cybercriminals have the advantage that they can react to the countermeasures deployed by the security community and make their botnets more resilient to takedowns [31]. Moreover, the fact that botnet operations are distributed across the globe, and that different critical parts of the malicious infrastructure are typically located in different countries makes it particularly difficult for law enforcement to effectively coordinate and take down such operations [22, 34]. Due to the complexity of the botnet phenomenon, a wealth of research has been conducted on understanding such cybercriminal operations. A category of work focuses on understanding the monetization of botnet operations [2, 16, 17, 20]. Botnets need to generate a profit for their administrator (botmaster), and this usually happens by renting them out to other cybercriminals or by using them directly to perform illicit activities such as sending email spam or stealing financial information …

Facebooktwittergoogle_plus