A Taxonomy of Botnet Structures

10 years 4 months ago
A Taxonomy of Botnet Structures
We propose a taxonomy of botnet structures, based on their utility to the botmaster. We propose key metrics to measure their utility for various activities (e.g., spam, ddos). Using the performance metrics, we consider the ability of different response techniques to degrade or disrupt botnets. In particular, our models show that for scale free botnets, targeted responses are particularly effective. Further, botmasters’ efforts to improve the robustness of scale free networks comes at a cost of diminished transitivity. Botmasters do not appear to have any structural solutions to this problem in scale free networks. We also show that random graph botnets (e.g., those using P2P formations) are highly resistant to both random and targeted responses. We evaluate the impact of responses on different topologies using simulation. We also perform some novel measurements of a P2P network to demonstrate the utility of our proposed metrics. Our analysis shows how botnets may be classified acco...
David Dagon, Guofei Gu, Christopher P. Lee, Wenke
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Authors David Dagon, Guofei Gu, Christopher P. Lee, Wenke Lee
Comments (0)