Title
Botnet Triple-Channel Model: Towards Resilient and Efficient Bidirectional Communication Botnets.
Abstract
Current research on future botnets mainly focuses on how to design a resilient downlink command and control (C&C) channel. However, the uplink data channel, which is generally vulnerable, inefficient, or even absent, has attracted little attention. In fact, most current botnets (even large-scale and well-known ones) contain either a resilient (maybe also efficient) unidirectional downlink C&C channel or a vulnerable bidirectional communication channel, making the botnets either hard to monitor or easy to take down. To address the above problem and equip a botnet with resilient and efficient bidirectional communication capability, in this paper we propose a communication channel division scheme and then establish a Botnet Triple-Channel Model (BTM). In a nutshell, BTM divides a traditional communication channel into three independent sub-channels, denoted as Command Download Channel (CDC), Registration Channel (RC) and Data Upload Channel (DUC), respectively. To illustrate the feasibility, we implement a BTM-based botnet prototype named RoemBot, which exploits URL Flux for CDC, Domain Flux for RC and Cloud Flux for DUC. We also evaluate the resilience and efficiency of RoemBot. In the end, we attempt to conclude that resilient and efficient bidirectional communication design represents a main direction of future botnets.
Year
2013
DOI
10.1007/978-3-319-04283-1_4
Venue
Lecture Notes of the Institute for Computer Sciences Social Informatics and Telecommunications Engineering
Keywords
Botnet, C&C, BTM, URL Flux, Domain Flux, Cloud Flux
DocType
Conference
Volume
127
ISSN
1867-8211
Citations
1
PageRank
0.43
References
14
Authors
4
Name
Order
Citations
PageRank
Xiang Cui111520.63
Binxing Fang238088.26
Jin-qiao Shi36729.89
Chaoge Liu486.64