Title :
Behavioral Patterns of Fast Flux Service Networks
Author :
Caglayan, Alper ; Toothaker, Mike ; Drapaeau, Dan ; Burke, Dustin ; Eaton, Gerry
Abstract :
We present behavioral pattern analysis of fast flux service networks (FFSNs) using our database of FFSNs collected over a period of 12 months with our real-time fast flux network detection algorithm [1]. FFSNs exploit a network of compromised machines (zombies) for illegal activities such as spam campaigns, phishing scams and malware delivery using DNS record manipulation techniques. Our results, which build upon our analysis results [2], show that such networks share common lifecycle characteristics, and form clusters based on size, growth and type of malicious behavior. In particular, we introduce a social network connectivity metric, and show that (Command and Control and phishing), (malware and spam botnets) have similar scores with this metric.
Keywords :
Internet; computer crime; invasive software; unsolicited e-mail; DNS record manipulation techniques; behavioral pattern analysis; compromised machines; fast flux service networks; malware; phishing scams; social network connectivity metric; spam campaigns; Bayesian methods; Command and control systems; Databases; Detection algorithms; Monitoring; Network servers; Pattern analysis; Real time systems; Social network services; Web server;
Conference_Titel :
System Sciences (HICSS), 2010 43rd Hawaii International Conference on
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-5509-6
Electronic_ISBN :
1530-1605
DOI :
10.1109/HICSS.2010.81
