Title :
Examining Social Dynamics for Countering Botnet Attacks
Author :
Zhao, Ziming ; Ahn, Gail-Joon ; Hu, Hongxin
Author_Institution :
Lab. of Security Eng. for Future Comput. (SEFCOM), Arizona State Univ., Tempe, AZ, USA
Abstract :
Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent study discovers that rogue programs are sold in black markets in online social networks and adversaries use online social networks to coordinate attacks. Correlation of botnet attacks and activities in online underground social networks is crucial to tactically cope with net-centric threats. In this paper, we take the first step toward adversarial behavior identification by modeling social dynamics of underground adversarial communities and tracing the origin of certain malwares and attack events in underground communities. We also describe our evaluation to demonstrate the effectiveness of our approach.
Keywords :
invasive software; social networking (online); adversarial behavior identification; attack coordination; attack event; bot creation; bot distribution; botnet attack combating; botnet attack countering; botnet attack mitigation; command and control channel; malware; net-centric threat; online social network; rogue program discovery; social dynamics; underground adversarial community; Communities; Computer crime; IEEE Communications Society; Indexes; Malware; Social network services; User-generated content;
Conference_Titel :
Global Telecommunications Conference (GLOBECOM 2011), 2011 IEEE
Conference_Location :
Houston, TX, USA
Print_ISBN :
978-1-4244-9266-4
Electronic_ISBN :
1930-529X
DOI :
10.1109/GLOCOM.2011.6134468
