Abstract
Cloud computing is one of the most emerging technologies in these years. According to the service models, it can be categorized into SaaS (Software as a Service), PaaS (Platform as a Service) and IaaS (Infrastructure as a Service). Because SaaS uses computational power from both servers of cloud computing providers and machines of customers, we argue that SaaS may be elaborately exploited in an unprecedented way as an attack vector for botnets, i.e. SaaS-driven botnets. This paper introduces SaaS-driven botnets with detailed analysis on feasibilities, and proposes potential defense approaches against SaaS-driven botnets.
Keywords
- botnet
- SaaS
- cloud computing
This is a preview of subscription content, access via your institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Mell, P., Grance, T.: The NIST definition of cloud computing. National Institute of Standards and Technology 53(6) (2009)
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H.: Above the clouds: A Berkeley View of Cloud Computing. University of California, Berkeley, Technical Report No. UCB/EECS-2009-28 (2009)
Youseff, L., Butrico, M., Da Silva, D.: Toward a unified ontology of cloud computing. In: Grid Computing Environments (GCE) Workshop (2008)
Turner, M., Budgen, D., Brereton, P.: Turning software into a service. Computer 36(10) (2003)
Gold, N., Mohan, A., Knight, C., Munro, M.: Understanding service-oriented software. Software 21(2) (2004)
Cooke, E., Jahanian, F.: The zombie roundup: understanding, detecting, and disrupting botnets. In: USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop, SRUTI 2005 (2005)
Rajab, M.A., Zarfoss, J., Monrose, F., Terzis, A.: A multifaceted approach to understanding the botnet phenomenon. In: 6th ACM SIGCOMM Conference on Internet Measurement, IMC 2006 (2006)
Provos, N., McNamee, D., Mavrommatis, P., Wang, K., Modadugu, N.: The ghost in the browser: analysis of web-based malware. In: 1st USENIX Workshop on Hot Topics in Understanding Botnets, HotBots 2007 (2007)
Choi, H., Lee, H., Lee, H., Kim, H.: Botnet detection by monitoring group activities in DNS traffic. In: 7th IEEE International Conference on Computer and Information Technology, CIT 2007 (2007)
Gu, G., Zhang, J., Lee, W.: BotSniffer: detecting botnet command and control channels in network traffic. In: 16th Annual Network & Distributed System Security Symposium, NDSS 2008 (2008)
Gu, G., Perdisci, R., Zhang, J., Lee, W.: BotMiner: clustering analysis of network traffic for protocol and structure- independent botnet detection. In: 17th USENIX Security Symposium (2008)
HTML5: a vocabulary and associated APIs for HTML and XHTML. W3C Working Draft (May 2011)
WebGL specification, Version 1.0 (February 2011)
Eugster, P.T., Felber, P.A., Guerraoui, R., Kermarrec, A.-M.: The many faces of publish/subscribe. ACM Computing Surveys 35(2) (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jiang, B., Im, E.G., Koo, Y. (2012). SaaS-Driven Botnets. In: Chau, M., Wang, G.A., Yue, W.T., Chen, H. (eds) Intelligence and Security Informatics. PAISI 2012. Lecture Notes in Computer Science, vol 7299. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30428-6_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-30428-6_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30427-9
Online ISBN: 978-3-642-30428-6
eBook Packages: Computer ScienceComputer Science (R0)
