Examining social dynamics for countering botnet attacks

Ziming Zhao, Gail-Joon Ahn, Hongxin Hu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent study discovers that rogue programs are sold in black markets in online social networks and adversaries use online social networks to coordinate attacks. Correlation of botnet attacks and activities in online underground social networks is crucial to tactically cope with net-centric threats. In this paper, we take the first step toward adversarial behavior identification by modeling social dynamics of underground adversarial communities and tracing the origin of certain malwares and attack events in underground communities. We also describe our evaluation to demonstrate the effectiveness of our approach.

Original languageEnglish (US)
Title of host publicationGLOBECOM - IEEE Global Telecommunications Conference
DOIs
StatePublished - 2011
Event54th Annual IEEE Global Telecommunications Conference: "Energizing Global Communications", GLOBECOM 2011 - Houston, TX, United States
Duration: Dec 5 2011Dec 9 2011

Other

Other54th Annual IEEE Global Telecommunications Conference: "Energizing Global Communications", GLOBECOM 2011
CountryUnited States
CityHouston, TX
Period12/5/1112/9/11

Fingerprint

Botnet
Malware

ASJC Scopus subject areas

  • Electrical and Electronic Engineering

Cite this

Zhao, Z., Ahn, G-J., & Hu, H. (2011). Examining social dynamics for countering botnet attacks. In GLOBECOM - IEEE Global Telecommunications Conference [6134468] https://doi.org/10.1109/GLOCOM.2011.6134468

Examining social dynamics for countering botnet attacks. / Zhao, Ziming; Ahn, Gail-Joon; Hu, Hongxin.

GLOBECOM - IEEE Global Telecommunications Conference. 2011. 6134468.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Zhao, Z, Ahn, G-J & Hu, H 2011, Examining social dynamics for countering botnet attacks. in GLOBECOM - IEEE Global Telecommunications Conference., 6134468, 54th Annual IEEE Global Telecommunications Conference: "Energizing Global Communications", GLOBECOM 2011, Houston, TX, United States, 12/5/11. https://doi.org/10.1109/GLOCOM.2011.6134468
Zhao Z, Ahn G-J, Hu H. Examining social dynamics for countering botnet attacks. In GLOBECOM - IEEE Global Telecommunications Conference. 2011. 6134468 https://doi.org/10.1109/GLOCOM.2011.6134468
Zhao, Ziming ; Ahn, Gail-Joon ; Hu, Hongxin. / Examining social dynamics for countering botnet attacks. GLOBECOM - IEEE Global Telecommunications Conference. 2011.
@inproceedings{13be0a07a89c4222bdfb9e5b2c426b97,
title = "Examining social dynamics for countering botnet attacks",
abstract = "Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent study discovers that rogue programs are sold in black markets in online social networks and adversaries use online social networks to coordinate attacks. Correlation of botnet attacks and activities in online underground social networks is crucial to tactically cope with net-centric threats. In this paper, we take the first step toward adversarial behavior identification by modeling social dynamics of underground adversarial communities and tracing the origin of certain malwares and attack events in underground communities. We also describe our evaluation to demonstrate the effectiveness of our approach.",
author = "Ziming Zhao and Gail-Joon Ahn and Hongxin Hu",
year = "2011",
doi = "10.1109/GLOCOM.2011.6134468",
language = "English (US)",
isbn = "9781424492688",
booktitle = "GLOBECOM - IEEE Global Telecommunications Conference",

}

TY - GEN

T1 - Examining social dynamics for countering botnet attacks

AU - Zhao, Ziming

AU - Ahn, Gail-Joon

AU - Hu, Hongxin

PY - 2011

Y1 - 2011

N2 - Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent study discovers that rogue programs are sold in black markets in online social networks and adversaries use online social networks to coordinate attacks. Correlation of botnet attacks and activities in online underground social networks is crucial to tactically cope with net-centric threats. In this paper, we take the first step toward adversarial behavior identification by modeling social dynamics of underground adversarial communities and tracing the origin of certain malwares and attack events in underground communities. We also describe our evaluation to demonstrate the effectiveness of our approach.

AB - Even though promising results have been obtained from existing research on bots and associated command and control channels, there is little research in exploring the ways on how bots are created and distributed by adversaries. Consequently, innovative methods that help determine the linkage between the rogue programs and adversaries are imperative for mitigating and combating botnet attacks. Recent study discovers that rogue programs are sold in black markets in online social networks and adversaries use online social networks to coordinate attacks. Correlation of botnet attacks and activities in online underground social networks is crucial to tactically cope with net-centric threats. In this paper, we take the first step toward adversarial behavior identification by modeling social dynamics of underground adversarial communities and tracing the origin of certain malwares and attack events in underground communities. We also describe our evaluation to demonstrate the effectiveness of our approach.

UR - http://www.scopus.com/inward/record.url?scp=84857211781&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84857211781&partnerID=8YFLogxK

U2 - 10.1109/GLOCOM.2011.6134468

DO - 10.1109/GLOCOM.2011.6134468

M3 - Conference contribution

SN - 9781424492688

BT - GLOBECOM - IEEE Global Telecommunications Conference

ER -