Title :
Botnets: Lifecycle and Taxonomy
Author :
Hachem, Nabil ; Ben Mustapha, Yosra ; Granadillo, Gustavo Gonzales ; Debar, Herve
Author_Institution :
Inst. TELECOM, Telecom SudParis, Evry, France
Abstract :
The new threat of the Internet, but little known to the ´general public´ is constituted by botnets. Botnets are networks of infected computers, which are headed by a pirate called also ´Attacker´ or ´Master´. The botnets are nowadays mainly responsible for large-scale coordinated attacks. The attacker can ask the infected computers called ´Agents´ or ´Zombies´ to perform all sorts of tasks for him, like sending spam, performing DDoS attacks, phishing campaigns, delivering malware, or leasing or selling their botnets to other fraudsters anywhere. In this paper we present a classification that reflects the life cycle and current resilience techniques of botnets, distinguishing the propagation, the injection, the control and the attack phases. Then we study the effectiveness of the adopted taxonomy by applying it to existing botnets to study their main characteristics. We conclude by the upcoming steps in our research.
Keywords :
Internet; computer crime; computer network security; computer viruses; fraud; DDoS attack; Internet; Zombies; agents; attack phase; attacker; botnet; fraud; infected computer; large-scale coordinated attack; life cycle; malware; phishing campaign; resilience technique; spam; threat; Computers; Internet; Malware; Protocols; Servers; Topology;
Conference_Titel :
Network and Information Systems Security (SAR-SSI), 2011 Conference on
Conference_Location :
La Rochelle
Print_ISBN :
978-1-4577-0735-3
DOI :
10.1109/SAR-SSI.2011.5931395
