Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model

dc.contributor.author Kebande, Victor R.
dc.contributor.author Mlotshwa, Likhwa
dc.contributor.author Karie, Nickson M.
dc.date.accessioned 2019-12-02T10:23:35Z
dc.date.available 2019-12-02T10:23:35Z
dc.date.issued 2019 en_US
dc.identifier.isbn 978-1-905824-63-2
dc.identifier.issn 2576-8581
dc.identifier.uri http://hdl.handle.net/2043/30502
dc.description.abstract While botnets still pose a big threat, they have also developed to be the most dangerous dark applications over the web. They are able to compromise a multitude of computers under the Command and Control (C&C) infrastructure, that is mainly controlled by a botherder/botmaster. Normally, a botnet uses malicious code to achieve its objectives and usually the motivation is based on either financial gain or Denial of Service (DoS) attack. The problem that is being addressed in this paper is structured to explore how a botnet's C&C infrastructure can be taken down based on how the botnet propagates itself within a network. The authors have used Zeus Botnet (ZBot) propagation model as a basis for this study. The main objective is to identify ZBot propagation patterns in order to be able to propose the take down approaches of the C&C infrastructure which acts as botnet control point. It is imperative to note that, even though ZBot was mainly resilient to attacks because of its Peer-to-Peer (P2P) nature, still other Zeus variants were controlled or acted as centralized bots. The study is more inclined to exploring the centralized Zeus variants like GameOver Zeus (GOZ) and ICE-IX for purposes of identifying the approaches. Based on the ZBot attack study, the C&C infrastructure can effectively be infiltrated hence averting unwarranted botnet attacks. en_US
dc.language.iso eng en_US
dc.publisher IEEE en_US
dc.subject botnet en_US
dc.subject obfuscated en_US
dc.subject C&C infrastructure en_US
dc.subject Zeus en_US
dc.subject bot en_US
dc.subject propagation en_US
dc.subject model en_US
dc.subject.classification Technology en_US
dc.title Botnet's Obfuscated C&C Infrastructure Take-down Approaches Based on Monitoring Centralized Zeus Bot Variant's Propagation Model en_US
dc.type Paper in proceeding en_US
dc.identifier.paperprint 0 en_US
dc.contributor.department Malmö University. Faculty of Technology and Society en_US
dc.contributor.department Malmö University. Computer Science and Media Technology (DVMT) en_US
dc.identifier.doi 10.23919/ISTAFRICA.2019.8764837
dc.subject.srsc Research Subject Categories::TECHNOLOGY en_US
dc.relation.ispartofpublication 2019 Ist-Africa Week Conference (Ist-Africa);
dc.identifier.isiid 000490550800022
dc.contributor.centre Malmö University. Internet of Things and People Research Centre (IOTAP) en_US
dcterms.description.conferenceName IST-Africa Week Conference (IST-Africa) en_US
dcterms.description.conferencePlace Nairobi, Kenya en_US
dcterms.description.conferenceYear 8-10 May 2019 en_US
There are no files associated with this item.