Chapter

Applied Cryptography and Network Security

Volume 6123 of the series Lecture Notes in Computer Science pp 511-528

Social Network-Based Botnet Command-and-Control: Emerging Threats and Countermeasures

  • Erhan J. KartaltepeAffiliated withInstitute for Cyber Security, University of Texas at San Antonio
  • , Jose Andre MoralesAffiliated withInstitute for Cyber Security, University of Texas at San Antonio
  • , Shouhuai XuAffiliated withDepartment of Computer Science, University of Texas at San Antonio
  • , Ravi SandhuAffiliated withInstitute for Cyber Security, University of Texas at San Antonio

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Botnets have become a major threat in cyberspace. In order to effectively combat botnets, we need to understand a botnet’s Command-and-Control (C&C), which is challenging because C&C strategies and methods evolve rapidly. Very recently, botmasters have begun to exploit social network websites (e.g., Twitter.com) as their C&C infrastructures, which turns out to be quite stealthy because it is hard to distinguish the C&C activities from the normal social networking traffic. In this paper, we study the problem of using social networks as botnet C&C infrastructures. Treating as a starting point the current generation of social network-based botnet C&C, we envision the evolution of such C&C methods and explore social networks-based countermeasures.

Keywords

Botnet command-and-control social networks security