MasterBlaster: Identifying influential players in botnet transactions

Napoleon C. Paxton, Gail-Joon Ahn, Mohamed Shehab

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Botnets continue to be a critical tool for hackers in exploiting vulnerabilities of systems and destructing computer networks. Botnet monitoring is a method used to study and identify malicious capabilities of a botnet, but current botnet monitoring projects mainly identify the magnitude of the botnet problem and tend to overt some fundamental problems, such as the diversified sources of the attacks. Most malicious botnets have the ability to be rented out to a broad range of potential customers, allowing each customer to launch different attacks from the other. Consequently, under the control of multiple botmasters, various attacks and transactions at different times attempt to damage networked infrastructures. In this paper we propose a multi-layered analysis system called MasterBlaster which identifies the communication characteristics of a botmaster in botnet transactions and correlates those characteristics with evolutionary changes within botnet communication channels. Our results show the level of involvement of the monitored botmasters within a botnet as well as their general motives. Our system clearly indicates that the investigation of each botmaster and analysis of botmaster interactions are essential to cope with net-centric attacks caused by botnets.

Original languageEnglish (US)
Title of host publicationProceedings - 35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011
Pages413-419
Number of pages7
DOIs
StatePublished - 2011
Event35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011 - Munich, Germany
Duration: Jul 18 2011Jul 21 2011

Publication series

NameProceedings - International Computer Software and Applications Conference
ISSN (Print)0730-3157

Other

Other35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011
CountryGermany
CityMunich
Period7/18/117/21/11

Keywords

  • Attribution
  • Botnet
  • Botnet analysis
  • Botnet monitoring

ASJC Scopus subject areas

  • Software
  • Computer Science Applications

Fingerprint Dive into the research topics of 'MasterBlaster: Identifying influential players in botnet transactions'. Together they form a unique fingerprint.

  • Cite this

    Paxton, N. C., Ahn, G-J., & Shehab, M. (2011). MasterBlaster: Identifying influential players in botnet transactions. In Proceedings - 35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011 (pp. 413-419). [6032373] (Proceedings - International Computer Software and Applications Conference). https://doi.org/10.1109/COMPSAC.2011.61