Publications from Malmö University
Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model
Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT). ORCID iD: 0000-0003-4071-4596
2019 (English) In: 2019 Ist-Africa Week Conference (Ist-Africa), IEEE, 2019. Conference paper, Published paper (Refereed)
Abstract [en]

While botnets still pose a big threat, they have also developed to be the most dangerous dark applications over the web. They are able to compromise a multitude of computers under the Command and Control (C&C) infrastructure, that is mainly controlled by a botherder/botmaster. Normally, a botnet uses malicious code to achieve its objectives and usually the motivation is based on either financial gain or Denial of Service (DoS) attack. The problem that is being addressed in this paper is structured to explore how a botnet's C&C infrastructure can be taken down based on how the botnet propagates itself within a network. The authors have used Zeus Botnet (ZBot) propagation model as a basis for this study. The main objective is to identify ZBot propagation patterns in order to be able to propose the take down approaches of the C&C infrastructure which acts as botnet control point. It is imperative to note that, even though ZBot was mainly resilient to attacks because of its Peer-to-Peer (P2P) nature, still other Zeus variants were controlled or acted as centralized bots. The study is more inclined to exploring the centralized Zeus variants like GameOver Zeus (GOZ) and ICE-IX for purposes of identifying the approaches. Based on the ZBot attack study, the C&C infrastructure can effectively be infiltrated hence averting unwarranted botnet attacks.

Place, publisher, year, edition, pages
IEEE, 2019.
Series
IST-Africa, ISSN 2576-8581
Keywords [en]
botnet, obfuscated, C&C infrastructure, Zeus, bot, propagation, model
National subject category
Engineering and Technology
Identifiers
URN: urn:nbn:se:mau:diva-12342
DOI: 10.23919/ISTAFRICA.2019.8764837
ISI: 000490550800022
Local ID: 30502
OAI: oai:DiVA.org:mau-12342
DiVA, id: diva2:1409388
Conference
IST-Africa Week Conference (IST-Africa), Nairobi, Kenya (8-10 May 2019)
Available from: 2020-02-29 Created: 2020-02-29 Last updated: 2022-11-02 Bibliographically approved

Open Access in DiVA

No full text in DiVA


Person

Kebande, Victor R.
