Title
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm
Abstract
Botnets, i.e., networks of compromised machines under a common control infrastructure, are commonly controlled by an attacker with the help of a central server: all compromised machines connect to the central server and wait for commands. However, the first botnets that use peer-to-peer (P2P) networks for remote control of the compromised machines appeared in the wild recently. In this paper, we introduce a methodology to analyze and mitigate P2P botnets. In a case study, we examine in detail the Storm Worm botnet, the most wide-spread P2P botnet currently propagating in the wild. We were able to infiltrate and analyze in-depth the botnet, which allows us to estimate the total number of compromised machines. Furthermore, we present two different ways to disrupt the communication channel between controller and compromised machines in order to mitigate the botnet and evaluate the effectiveness of these mechanisms.
Year: 2008
Venue: LEET
Keywords: different way, remote control, total number, common control infrastructure, p2p botnets, storm worm, peer-to-peer-based botnets, p2p botnet, communication channel, case study, storm worm botnet, central server, p2p
Field: Cutwail botnet, Storm botnet, Remote control, Peer-to-peer, Rustock botnet, Botnet, Srizbi botnet, Computer science, Computer security, Computer network, Mariposa botnet
DocType: Conference
Citations: 168
PageRank: 10.48
References: 16
Authors: 5
Name              Order  Citations  PageRank
Thorsten Holz     1      3532       232.93
Moritz Steiner    2      715        44.39
Frederic Dahl     3      168        10.48
Ernst Biersack    4      2176       220.80
Felix Freiling    5      437        35.37