Title :
Defaming Botnet Toolkits: A Bottom-Up Approach to Mitigating the Threat
Author :
Ormerod, T. ; Lingyu Wang ; Debbabi, M. ; Youssef, A. ; Binsalleeh, H. ; Boukhtouta, A. ; Sinha, P.
Author_Institution :
Comput. Security Lab., Concordia Univ. Montreal, Montreal, QC, Canada
Abstract :
Botnets have become one of the most prevailing threats to today´s Internet partly due to the underlying economic incentives of operating one. Botnet toolkits sold by their authors allow any layman to generate his/her own customized botnet and become a botmaster; botnet services sold by botmasters allow any criminal to steal identities and credit card information; finally, such stolen credentials are sold to end-users to make unauthorized transactions. Many existing botnet countermeasures meet inherent difficulties when they choose to target the botmasters or authors of toolkits, because those at the highest levels of this food chain are also the most technology-savvy and elusive. In this paper, we propose a different, bottom-up approach. That is, we defame botnet toolkits through discouraging or prosecuting the end-users of the stolen credentials. To make the concept concrete, we present a case study of applying the approach to a popular botnet toolkit, Zeus, with two methodologies, namely, reverse engineering and behavioural analysis.
Keywords :
reverse engineering; security of data; Zeus toolkit; behavioural analysis; botmaster; botnet toolkits; reverse engineering; threat mitigation; Data mining; Encryption; Internet; Malware; Monitoring; Reverse engineering; Zeus; identity theft; network security; reverse engineering;
Conference_Titel :
Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7517-9
DOI :
10.1109/SECURWARE.2010.39
