Abstract
Botnets are an emerging phenomenon and are becoming one of the most significant threats in cyber security and cyber crime, as they provide a distributed platform for several illegal activities such as launching distributed denial of service (DDoS) attacks, malware dissemination, phishing, identity theft, spamming, and click fraud. The defining characteristic of botnets is the use of command and control (C&C) channels through which they can be updated and directed. We investigate the state-of-the-art research on recent botnet analysis. This paper aims to provide a concise overview of existing botnets from multiple views. The major advantage of this paper is that it identifies the nature of the botnet problem and finds specific ways of detecting botnets.
Copyright information
© 2014 Springer India
About this paper
Cite this paper
Kirubavathi, G., Anitha, R. (2014). Botnets: A Study and Analysis. In: Krishnan, G., Anitha, R., Lekshmi, R., Kumar, M., Bonato, A., Graña, M. (eds) Computational Intelligence, Cyber Security and Computational Models. Advances in Intelligent Systems and Computing, vol 246. Springer, New Delhi. https://doi.org/10.1007/978-81-322-1680-3_23
DOI: https://doi.org/10.1007/978-81-322-1680-3_23
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-1679-7
Online ISBN: 978-81-322-1680-3
eBook Packages: Engineering, Engineering (R0)