Evaluating email’s feasibility for botnet command and control
作者: Kapil Singh , Abhinav Srivastava , Jonathon Giffin , Wenke Lee
关键词:
摘要: The usefulness of email has been tempered by its role in the widespread distribution spam and malicious content. Security solutions have focused on filtering out payloads weblinks from email; potential dangers go past these boundaries: harmless-looking emails can carry dangerous, hidden botnet In this paper, we evaluate suitability communication for command control. What makes email-based botnets interesting is lack clear detection mitigation strategies that defenders could use to disrupt botnet. We first demonstrate commands remain due enormous volume. If providers deploy specialized spam-based botnets, botmasters alternatively communicate with bots via non-spam cannot be safely discarded. show viability such means simulations a prototype, discuss limited prospects botnets.
computer.org
sci-hub.se 参考文章(14)
David Dagon, Cliff Changchun Zou, Wenke Lee, Modeling Botnet Propagation Using Time Zones. network and distributed system security symposium. ,(2006)
Jose Nazario, Chris Connelly, The Future of Internet Worms ,(2001)
David Josephsen, Jeremy Blosser, Scalable Centralized Bayesian Spam Mitigation with Bogofilter (Awarded Best Paper usenix large installation systems administration conference. pp. 1- 20 ,(2004)
Paul Barford, Vinod Yegneswaran, An Inside Look at Botnets Advances in Information Security. pp. 171- 191 ,(2007) , 10.1007/978-0-387-44599-1_8
Farnam Jahanian, Danny McPherson, Evan Cooke, The Zombie roundup: understanding, detecting, and disrupting botnets conference on steps to reducing unwanted traffic on internet. pp. 6- 6 ,(2005)
Mark Chapman, George Davida2, Plausible Deniability Using Automated Linguistic Stegonagraphy Lecture Notes in Computer Science. pp. 276- 287 ,(2002) , 10.1007/3-540-45831-X_19
Luis von Ahn, Manuel Blum, Nicholas J. Hopper, John Langford, CAPTCHA: using hard AI problems for security theory and application of cryptographic techniques. pp. 294- 311 ,(2003) , 10.1007/3-540-39200-9_18
Weidong Cui, Wai-tian Tan, Randy H. Katz, BINDER: an extrusion-based break-in detector for personal computers usenix annual technical conference. pp. 18- 18 ,(2005)
Mehran Sahami, Susan Dumais, Eric Horvitz, David Heckerman, A Bayesian Approach to Filtering Junk E-Mail national conference on artificial intelligence. ,(1998)
G. Mori, J. Malik, Recognizing objects in adversarial clutter: breaking a visual CAPTCHA computer vision and pattern recognition. ,vol. 1, pp. 134- 141 ,(2003) , 10.1109/CVPR.2003.1211347