Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model

DSpace Repository

Files for download

There are no files associated with this item.

Overview of item record
Publication Paper in proceeding
Title Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model
Author Kebande, Victor R. ; Mlotshwa, Likhwa ; Karie, Nickson M.
Research Centre Internet of Things and People Research Centre (IOTAP)
Date 2019
English abstract
While botnets still pose a big threat, they have also developed to be the most dangerous dark applications over the web. They are able to compromise a multitude of computers under the Command and Control (C&C) infrastructure, which is mainly controlled by a botherder/botmaster. Normally, a botnet uses malicious code to achieve its objectives, and usually the motivation is based on either financial gain or a Denial of Service (DoS) attack. The problem that is being addressed in this paper is structured to explore how a botnet's C&C infrastructure can be taken down based on how the botnet propagates itself within a network. The authors have used the Zeus Botnet (ZBot) propagation model as a basis for this study. The main objective is to identify ZBot propagation patterns in order to be able to propose take-down approaches for the C&C infrastructure, which acts as the botnet control point. It is imperative to note that, even though ZBot was mainly resilient to attacks because of its Peer-to-Peer (P2P) nature, other Zeus variants were still controlled or acted as centralized bots. The study is more inclined towards exploring the centralized Zeus variants like GameOver Zeus (GOZ) and ICE-IX for purposes of identifying the approaches. Based on the ZBot attack study, the C&C infrastructure can effectively be infiltrated, hence averting unwarranted botnet attacks.
Conference
IST-Africa Week Conference (IST-Africa) (8-10 May 2019 : Nairobi, Kenya)
DOI https://doi.org/10.23919/ISTAFRICA.2019.8764837 (link to publisher's fulltext.)
Publisher IEEE
Host/Issue 2019 IST-Africa Week Conference (IST-Africa)
ISSN 2576-8581
ISBN 978-1-905824-63-2
Language eng (iso)
Subject botnet ; obfuscated ; C&C infrastructure ; Zeus ; bot ; propagation ; model ; Technology ; Research Subject Categories::TECHNOLOGY
Handle http://hdl.handle.net/2043/30502