OnionBots: Subverting Privacy Infrastructure for Cyber Attacks

Authors: Amirali Sanatinia, Guevara Noubir

DOI: 10.1109/DSN.2015.40

Abstract: Over the last decade botnets survived by adopting a sequence of increasingly sophisticated strategies to evade detection and take overs, and to monetize their infrastructure. At the same time, the success of privacy infrastructures such as Tor opened the door to illegal activities, including botnets, ransomware, and a marketplace for drugs and contraband. We contend that the next waves of botnets will extensively attempt to subvert privacy infrastructure and cryptographic mechanisms. In this work we propose to preemptively investigate the design and mitigation of such botnets. We first introduce OnionBots, what we believe will be the next generation of resilient, stealthy botnets. OnionBots use privacy infrastructures for cyber attacks by completely decoupling their operation from the infected host IP address and by carrying traffic that does not leak information about its source, destination, and nature. Such bots live symbiotically within the privacy infrastructures to evade detection, measurement, scale estimation, observation, and in general all IP-based current mitigation techniques. Furthermore, we show that with an adequate self-healing network maintenance scheme, that is simple to implement, OnionBots can achieve a low diameter and a low degree and be robust to partitioning under node deletions. We develop a mitigation technique, called SOAP, that neutralizes the nodes of the basic OnionBots. In light of the potential of such botnets, we believe that the research community should proactively develop detection and mitigation methods to thwart OnionBots, potentially making adjustments
