• DocumentCode
    669131
  • Title
    Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus
  • Author
    Andriesse, D. ; Rossow, C. ; Stone-Gross, B. ; Plohmann, D. ; Bos, Herbert
  • Author_Institution
    VU Univ., Amsterdam, Netherlands
  • fYear
    2013
  • fDate
    22-24 Oct. 2013
  • Firstpage
    116
  • Lastpage
    123
  • Abstract
    Zeus is a family of credential-stealing trojans which originally appeared in 2007. The first two variants of Zeus are based on centralized command servers. These command servers are now routinely tracked and blocked by the security community. In an apparent effort to withstand these routine countermeasures, the second version of Zeus was forked into a peer-to-peer variant in September 2011. Compared to earlier versions of Zeus, this peer-to-peer variant is fundamentally more difficult to disable. Through a detailed analysis of this new Zeus variant, we demonstrate the high resilience of state-of-the-art peer-to-peer botnets in general, and of peer-to-peer Zeus in particular.
  • Keywords
    invasive software; peer-to-peer computing; centralized command servers; credential-stealing trojans; gameover Zeus; peer-to-peer Zeus; peer-to-peer botnets; peer-to-peer variant; routine countermeasures; security community; Command and control systems; Encryption; Payloads; Peer-to-peer computing; Protocols; Resilience;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Malicious and Unwanted Software: "The Americas" (MALWARE), 2013 8th International Conference on
  • Conference_Location
    Fajardo, PR
  • Print_ISBN
    978-1-4799-2534-6
  • Type
    conf
  • DOI
    10.1109/MALWARE.2013.6703693
  • Filename
    6703693