CFP last date
22 April 2024
Reseach Article

Review of the Research on Botnet

by Gao Jian
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 160 - Number 3
Year of Publication: 2017
Authors: Gao Jian
10.5120/ijca2017912993

Gao Jian . Review of the Research on Botnet. International Journal of Computer Applications. 160, 3 ( Feb 2017), 13-17. DOI=10.5120/ijca2017912993

@article{ 10.5120/ijca2017912993,
author = { Gao Jian },
title = { Review of the Research on Botnet },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2017 },
volume = { 160 },
number = { 3 },
month = { Feb },
year = { 2017 },
issn = { 0975-8887 },
pages = { 13-17 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume160/number3/27052-2017912993/ },
doi = { 10.5120/ijca2017912993 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T00:05:38.182070+05:30
%A Gao Jian
%T Review of the Research on Botnet
%J International Journal of Computer Applications
%@ 0975-8887
%V 160
%N 3
%P 13-17
%D 2017
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The botnet is controlled by an attacker, which is formed by a lot of vulnerable hosts. The botnet is one of the biggest threats on the Internet. The attacker usually uses it to attack, such as: spam, distributed denial of service attacks, fraud and so on. In this paper, we mainly study the control channel of the botnet, including the IRC protocol, the P2P protocol and the HTTP protocol. At the same time, this paper also studies the detection method of the botnet, which includes the host based detection method and the network based detection method.

References
  1. R.Puri, Bots&botnet: An overview, SANS White Paper, 2003,http://www.sans.org/reading_room/whitepapers/malicious/1299.php
  2. G.Eason, B.Noble, I.N.Sneddon, On Certain integrals of EggDrop:Open source IRC bot,1993,Http://www.eggheads.org
  3. J.Nazario, BlackEnergy DDoS Bot Analysis, Arbor Networks, 2007:26-30
  4. S.Stover, D.Dittrich, J.Hernandez, et al. Analysis of the Storm and Nugache Trojans:P2P is here, In proceedings of USENIX,2007:18-27
  5. Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, and Andreas Terzis. A multifaceted approach to understanding the botnet phenomenon. In Proc. of the 6th ACM SIG- COMM Conference on Internet Measuremen, Rio de Janeiro, Brazil, October 2006.
  6. Michael Bailey, Evan Cooke, Farnam Jahanian, Yunjing Xu, and Manish Karir. A Survey of Botnet Technology and Defenses. In Proc. of the 2009 Cybersecurity Appli- cations & Technology Conference for Homeland Security, March 2009.
  7. Liang Xie and Sencun Zhu. A Feasibility Study on Defending Against Ultra-Fast Topological Worms. In Proc. of The 7th IEEE International Conference on Peer-to- Peer Computing (P2P’07), Galway, Ireland, September 2007.
  8. Ryan Vogt, John Aycock, and Michael Jacobson. Army of Botnets. In Proc. of the 2007 Network and Distributed System Security Symposium (NDSS), Febuary 2007.
  9. Julian B. Grizzard, Vikram Sharma, Chris Nunnery, Brent ByungHoon Kang, and David Dagon. Peer-to-Peer Botnets: Overview and Case Study. In Proc. of the 1st USENIX Workshop on Hot Topics in Understanding Botnets (HotBots ’07), Cam- bridge, MA, April 2007.
  10. Phillip Porras, Hassen Saidi, and Vinod Yegneswaran. A Multi-perspective Analysis of the Storm (Peacomm) Worm. Technical report, SRI, November 2007.
  11. C.Kalt, Internet Relay Chat:Client protocol, Reauest for Comment(RFC)2812(Informational),2000
  12. Sinit P2P Trojan analysis. Http://www.lurhq.com/sinit.html
  13. E.Florio, M. Ciubotariu, Peerbot: Catch me if you can, White Paper, Symantec Security Response,2007
  14. Jun Li, Toby Ehrenkranz, Geoff Kuenning, Simulation and Analysis on the Resiliency and Efficiency of malnets. Workshop on Principles of Advanced and Distributed Simulation (PADS'05),2005
  15. Ping Wang, Lei Wu, Ryan Cunningham, and Cliff C. Zou. Honeypot Detection in Advanced Botnet Attacks. In International Journal of Information and Computer Security (IJICS), 4(1), 30-51, 2010.
  16. Lasse Trolle Borup. Peer-to-Peer botnet: a case study on Waledac. Mathematical Modelling. 2009
  17. Ben Stock, Jan Gobel, Markus Engelberth, Felix C.Freiling, and Thorsten Holz. Walowdac-Analysis of a Peer-to-Peer Botnet. 2009 European Conference on Computer Network Defense.2009
  18. Zhaosheng Zhu, Guohan Lu, Yan Chen, Zhi Judy Fu, Phil Roberts, and Keesook Han. Botnet Research Survey. In Proc. of the 32nd Annual IEEE International Computer Software and Applications (COMPSAC ’08), July 2008.
  19. Guenther Starnberger, Christopher Kruegel, and Engin Kirda. Overbot - A botnet protocol based on Kademlia. In Proc. of the 4th International Conference on Security and Privacy in Communication Networks (SecureComm), September 2008.
  20. Clarke R.Building an Early Warning System in a Service Provider Network. Black Hat Briefings Europe, 2004
  21. P.Szor, The Art of Computer Virus Research and Defenses, Addison-Wesley Professional,2005
  22. M. Roesch, Snort-lightweight intrusion detection for networks, In Proceedings of the 13th systems Administration Conference(LISA’99), Seattle,Washington,USA,1999
  23. V. Paxson, Bro: A System for Detecting Network Intruders in Real Time, In Proceedings on the 7th USENIX Security Symposium(Security’98), San Antonio, Texas,USA,1998
  24. D.Wagner and P.Soto. Mimicry attacks on host based IDS. ACM CCS, 2002
  25. Su Chang and Thomas E. Daniels. P2P botnet detection using behavior clustering & statistical tests. In Proc. of the 2nd ACM workshop on Security and artificial intelligence (AISec ’09), Chicago, November 2009.
  26. Ulrich Bayer. TTanalyze:A tool for Analyzing Malware, Master Thesis of Vienna University of Technology, 2006
  27. Evan Cooke, Farnam Jahanian, and Danny McPherson. The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets. In Proc. of the Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI’05), July 2005.
  28. Ricardo Villamarin-Salomon and Jose Carlos Brustoloni. Bayesian bot detection based on DNS traffic similarity. In Proc. of the 24th Annual ACM Symposium on Applied Computing (SAC ’09), Honolulu, Hawaii, March 2009.
  29. Y. Chen. IRC-based botnet detection on high-speed routers, 2006. ARO/DARPA/DHS Special Workshop on Botnet.
  30. J. R. Binkley and S. Singh. An algorithm for anomaly-based botnet detection. In USENIX 2nd Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI 06), June 2006.
  31. Guofei Gu, Junjie Zhang, and Wenke Lee. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic. In Proc. of the 15th Annual Network and Distributed System Security Symposium (NDSS’08), February 2008.
  32. J. Goebel, T.Holz, Rishi.identify bot contaminated hosts by irc nickname evaluation, In Proceeding of the first conference on First Workshop on Hot Topics in Understanding Botnets, Berkeley,CA,USA,2007,USENIX Association.
Index Terms

Computer Science
Information Sciences

Keywords

Botnet Command and Control P2P Detection DDoS.