Using coverage analysis to extract Botnet command-and-control protocol

Cited by: 0
Authors
Wang, Zhi [1]
Cai, Ya-Yun [1]
Liu, Lu [1]
Jia, Chun-Fu [1]
Affiliation
[1] College of Computer and Control Engineering, Nankai University, Tianjin 300071, China
Abstract
There are some inherent patterns in the bot execution trace coverage of basic blocks. Using these patterns, an approach was proposed to infer the botnet command-and-control (C&C) protocol. Without an intermediate representation of the binary code or constraint solving, this approach has lower time and space overhead. The coverage analysis approach was evaluated on 3 famous botnets: Zeus, Sdbot and Agobot. The results show that this approach can accurately and efficiently extract the botnet control commands. The completeness of the extracted control commands can be verified by checking whether all available basic blocks in the bot are covered by the traces triggered by the control commands.
DOI
10.3969/j.issn.1000-436x.2014.01.018
Pages: 156 / 166