Utilize este identificador para referenciar este registo: http://hdl.handle.net/10198/7829
Título: Characterization and modeling of top spam botnets
Autor: Rodrigues, Nuno G.
Sousa, Rui
Salvador, Paulo
Nogueira, António
Palavras-chave: Spam botnet
Statistical characterization
Network security
Malware
Network resilience model
Data: 2012
Editora: Macrothink Institute
Citação: Rodrigues, Nuno; Sousa, Rui; Salvador, Paulo; Nogueira, António (2012) - Characterization and modeling of top spam botnets. Network Protocols and Algorithms. ISSN 1943-3581. 4:4, p. 1-26
Resumo: The increasing impact of the Internet in the global economy has transformed Botnets into one of the most relevant security threats for citizens, organizations and governments. Despite the significant efforts that have been made over the last years to understand this phenomenon and develop detection techniques and countermeasures, this continues to be a field with big challenges to address. Several approaches can be taken to study Botnets: analyze its source code, which can be a hard task because it is usually unavailable; study the control mechanism, particularly the activity of its Command and Control server(s); study its behavior, by measuring real traffic and collecting relevant statistics. In this work, we have installed some of the most popular spam Botnets, captured the originated traffic and characterized it in order to identify the main trends/patterns of their activity. From the intensive statistics that were collected, it was possible to conclude that there are distinct features between Botnets that can be explored to build efficient detection methodologies. Based on this study, the second part of the paper proposes a generic and systematic model to describe the network dynamics whenever a Botnet threat is detected, defining all actors, dimensions, states and actions that need to be taken into account at each moment. We believe that this type of modeling approach is the basis for developing systematic and integrated frameworks and strategies to predict and fight Botnet threats in an efficient way.
Peer review: yes
URI: http://hdl.handle.net/10198/7829
ISSN: 1943-3581
Versão do Editor: http://www.macrothink.org/journal/index.php/npa/article/view/2058
Aparece nas colecções:IC - Artigos em Revistas Não Indexados ao ISI/Scopus

Ficheiros deste registo:
Ficheiro Descrição TamanhoFormato 
2058-11116-1-PB.pdf1,17 MBAdobe PDFVer/Abrir


FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpace
Formato BibTex MendeleyEndnote Degois 

Todos os registos no repositório estão protegidos por leis de copyright, com todos os direitos reservados.