Abstract
Botnets have evolved dramatically in recent years, and there are many different types of botnet, with many different candidates in each category. In this chapter, we present a brief overview of botnets (definition, infection method, history, and topology) and then examine three botnets (Zeus, Koobface, and Windigo) that have had a considerable impact on the Internet. We also discuss the methods that modern-day botnets use to avoid detection and how to overcome these evasion techniques. Finally, we list some security measures that can be deployed on the network to protect against botnets in general.
© 2017 Springer International Publishing AG
Cite this chapter
Atluri, A.C., Tran, V. (2017). Botnets Threat Analysis and Detection. In: Traoré, I., Awad, A., Woungang, I. (eds) Information Security Practices. Springer, Cham. https://doi.org/10.1007/978-3-319-48947-6_2
DOI: https://doi.org/10.1007/978-3-319-48947-6_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48946-9
Online ISBN: 978-3-319-48947-6
eBook Packages: Engineering (R0)