

Take a Deep Breath: A Stealthy, Resilient and Cost-Effective Botnet Using Skype

14 years 3 months ago
Take a Deep Breath: A Stealthy, Resilient and Cost-Effective Botnet Using Skype
Abstract. Skype is one of the most used P2P applications on the Internet: VoIP calls, instant messaging, SMS and other features are provided at a low cost to millions of users. Although Skype is a closed source application, an API allows developers to build custom plugins which interact over the Skype network, taking advantage of its reliability and capability to easily bypass firewalls and NAT devices. Since the protocol is completely undocumented, Skype traffic is particularly hard to analyze and to reverse engineer. We propose a novel botnet model that exploits an overlay network such as Skype to build a parasitic overlay, making it extremely difficult to track the botmaster and disrupt the botnet without damaging legitimate Skype users. While Skype is particularly valid for this purpose due to its abundance of features and its widespread installed base, our model is generically applicable to distributed applications that employ overlay networks to send direct messages between nodes...
Antonio Nappa, Aristide Fattori, Marco Balduzzi, M
Added 29 Oct 2010
Updated 29 Oct 2010
Type Conference
Year 2010
Authors Antonio Nappa, Aristide Fattori, Marco Balduzzi, Matteo Dell'Amico, Lorenzo Cavallaro
Comments (0)