Sciweavers

CCS
2009
ACM

Your botnet is my botnet: analysis of a botnet takeover

14 years 6 months ago
Your botnet is my botnet: analysis of a botnet takeover
Botnets, networks of malware-infected machines that are controlled by an adversary, are the root cause of a large number of security problems on the Internet. A particularly sophisticated and insidious type of bot is Torpig, a malware program that is designed to harvest sensitive information (such as bank account and credit card data) from its victims. In this paper, we report on our efforts to take control of the Torpig botnet and study its operations for a period of ten days. During this time, we observed more than 180 thousand infections and recorded almost 70 GB of data that the bots collected. While botnets have been “hijacked” and studied previously, the Torpig botnet exhibits certain properties that make the analysis of the data particularly interesting. First, it is possible (with reasonable accuracy) to identify unique bot infections and relate that
Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro,
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where CCS
Authors Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard A. Kemmerer, Christopher Kruegel, Giovanni Vigna
Comments (0)