Skip to main content
SpringerLink
Log in
Book cover

Botnet Detection pp 131–142Cite as

Detecting Botnet Membership with DNSBL Counterintelligence

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 36))

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Taormina, Sicily, Italy, October 2004.

    Google Scholar 

  2. Bobax trojan analysis. http://www.lurhq.com/bobax.html, March 2005.

    Google Scholar 

  3. Symantec Security Alert–W32.Bobax.D worm. http://www.sarc.com/ avcenter/venc/data/w32.bobax.d.html.

    Google Scholar 

  4. David Brumley. Tracking hackers on IRC. http://www.doomdead.com/texts/ ircmirc/TrackingHackersonIRC.htm, 2003.

    Google Scholar 

  5. CNN Technology News. Expert: Botnets No. 1 emerging Internet threat. http://www. cnn.com/2006/TECH/internet/01/31/furst/, January 2006.

    Google Scholar 

  6. Evan Cooke, Farnam Jahanian, and Danny McPherson. The Zombie Roundup: Understanding, Detecting and Disrupting Botnets. In Usenix Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI), June 2005.

    Google Scholar 

  7. David Dagon, Cliff Zou, and Wenke Lee. Modeling botnet propagation using time zones. In Proceedings of the 13th Annual Network and Distributed System Security Symposium (NDSS ’06), 2006.

    Google Scholar 

  8. S. Dietrich, N. Long, and D. Dittrich. Analyzing distributed denial of service attack tools: The shaft case. In Proceedings of the LISA 2000 System Administration Conference, December 2000.

    Google Scholar 

  9. Felix C. Freiling, Thorsten Holz, and Georg Wicherski. Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks. Technical Report ISSN-0935-3232, RWTH Aachen, April 2005.

    Google Scholar 

  10. Luis H. Gomes, Cristiano Cazita, Jussara Almeida, Virgilio Almeida, and Wagner Meira. Characterizing a Spam Traffic. In Proc. ACM SIGCOMM Internet Measurement Conference[1].

    Google Scholar 

  11. Christopher Hanna. Using snort to detect rogue IRC bot programs. Technical report, October 2004.

    Google Scholar 

  12. 12. Jaeyeon Jung and Emil Sit. An Empirical Study of Spam Traffic and the Use of DNS Black Lists. In Proc. ACM SIGCOMM Internet Measurement Conference[1], pages 370–375.

    Google Scholar 

  13. Srikanth Kandula, Dina Katabi, Matthias Jacob, and Arthur Berger. Botz-4-Sale: Surviving Organized DDoS Attacks That Mimic Flash Crowds. In Proc. 2nd Symposium on Networked Systems Design and Implementation (NSDI), Boston, MA, May 2005.

    Google Scholar 

  14. Sven Krasser, Gregory Conti, Julian Grizzard, Jeff Gribschaw, and Henry Owen. Real-time and forensic network data analysis using animated and coordinated visualization. In Proceedings of the 6th IEEE Information Assurance Workshop, 2005.

    Google Scholar 

  15. Brian Krebs. Bringing botnets out of the shadows. http://www.washingtonpost.com/wp-dyn/content/article/2006/03/21/AR20060%32100279. html, 2006.

    Google Scholar 

  16. D. Moore, Geoffrey M. Voelker, and Stefan Savage. Inferring internet denial-of-service activity. In Proceedings of the 2001 USENIX Security Symposium, 2001.

    Google Scholar 

  17. Stephan Racine. Analysis of internet relay chat usage by ddos zombies. ftp://www. tik.ee.ethz.ch/pub/students/2003-2004-Wi/MA-2004-01.pdf, 2004.

    Google Scholar 

  18. Anirudh Ramachandran and Nick Feamster. Understanding the Network-Level Behavior of Spammers. In Proc. ACM SIGCOMM, Pisa, Italy, September 2006.

    Google Scholar 

  19. Puri Ramneek. Bots & Botnets: An Overview. http://www.giac.com/practical/GSEC/Ramneek_Puri_GSEC.pdf, 2003.

    Google Scholar 

  20. S.E. Schechter and M.D. Smith. Access for sale. In 2003 ACM Workshop on Rapid Malcode (WORM’03). ACM SIGSAC, October 2003.

    Google Scholar 

  21. SpamAssassin, 2005. http://www.spamassassin.org/.

    Google Scholar 

  22. SwatIt. Bots, drones, zombies, worms and other things that go bump in the night. http: //swatit.org/bots/, 2004.

    Google Scholar 

  23. Virus Bulletin 2005 Paper on ’Bots and Botnets’. http://arachnid.homeip.net/papers/VB2005-Bots_and_Botnets-1.0.2.pdf.

    Google Scholar 

  24. Y. Zhang and V. Paxson. Detecting stepping stones. In Proceedings of the 9th USENIX Security Symposium, August 2000.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, Georgia Institute of Technology, Atlanta, GA 30332

    Anirudh Ramachandran, Nick Feamster & David Dagon

Authors
  1. Anirudh Ramachandran
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nick Feamster
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. David Dagon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Georgia Institute Technology College of Computing, 266 Ferst Drive, Atlanta, GA 30332-0765

    Wenke Lee

  2. US Army Research Office Computing and Information Science Div, P.O.Box 12211, Research Triangle Park NC 27709-2211

    Cliff Wang

  3. Georgia Institute Technology College of Computing, 266 Ferst Drive, Atlanta, GA 30332-0765

    David Dagon

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Ramachandran, A., Feamster, N., Dagon, D. (2008). Detecting Botnet Membership with DNSBL Counterintelligence. In: Lee, W., Wang, C., Dagon, D. (eds) Botnet Detection. Advances in Information Security, vol 36. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-68768-1_7

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-68768-1_7

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-68766-7

  • Online ISBN: 978-0-387-68768-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation