Sciweavers

IMC
2006
ACM

A multifaceted approach to understanding the botnet phenomenon

14 years 5 months ago
A multifaceted approach to understanding the botnet phenomenon
The academic community has long acknowledged the existence of malicious botnets, however to date, very little is known about the behavior of these distributed computing platforms. To the best of our knowledge, botnet behavior has never been methodically studied, botnet prevalence on the Internet is mostly a mystery, and the botnet life cycle has yet to be modeled. Uncertainty abounds. In this paper, we attempt to clear the fog surrounding botnets by constructing a multifaceted and distributed measurement infrastructure. Throughout a period of more than three months, we used this infrastructure to track 192 unique IRC botnets of size ranging from a few hundred to several thousand infected end-hosts. Our results show that botnets represent a major contributor to unwanted Internet traffic—27% of all malicious connection attempts observed from our distributed darknet can be directly attributed to botnetrelated spreading activity. Furthermore, we discovered evidence of botnet infections...
Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, And
Added 13 Jun 2010
Updated 13 Jun 2010
Type Conference
Year 2006
Where IMC
Authors Moheeb Abu Rajab, Jay Zarfoss, Fabian Monrose, Andreas Terzis
Comments (0)