A Concept of Detection Method for Botnets Based on Social Networks

Hubert Ostap, Ryszard Antkiewicz

Abstract


There are many botnet implementations that use different kinds of communication protocols, such as P2P, HTTP, and IRC. There are also many methods for detecting them, which are in most cases useless against botnets that use novel communication protocols. Nowadays, one can observe an increasing number of Internet threats that use new kinds of communication methods for receiving and sending commands between the infected host and the botmaster. The aim of this paper is to present a concept of a detection method for botnets that use social networks for communication with Command & Control.

Keywords


security; botnet detection; clustering





DOI: http://dx.doi.org/10.21936/si2018_v39.n1.836