A survey on real world botnets and detection mechanisms

Authors: Maryam Nezhadkamali, Seyed Amin Hosseini Seno, Rahmat Budiarto, Somayeh Soltani

DOI:

Keywords: Rootkit, Botnet, Denial-of-service attack, Drive-by download, Covert channel, Kraken, Computer security, Rustock botnet, Srizbi botnet, Computer science

Abstract: Mitigating the destructive effect of botnets is a concern of security scholars. Though various mechanisms have been proposed for detection, real-world botnets still survive and carry out their harmful operations. Botnets have developed new evasion techniques and covert communication channels. Knowing their characteristics helps researchers develop more robust detection methods. There are some surveys in the literature that study botnet detection methods; however, they do not advert to a lot of them. In this paper, we study several aspects of real-world botnets, i.e. Conficker, Kraken, Rustock, Storm, TDL4, Torpig, Waledac, Zeus and P2P Zeus. The architecture, protocol, type of infection, interval, and attacks of these botnets are probed in this paper. Moreover, studies on mitigation trends and covert channels are reviewed.
