CFP last date
20 January 2025
Reseach Article

Survey and Research Challenges of Botnet Forensics

by Anchit Bijalwan, Meenakshi Thapaliyal, Emmanuel S Piili, R. C. Joshi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 75 - Number 7
Year of Publication: 2013
Authors: Anchit Bijalwan, Meenakshi Thapaliyal, Emmanuel S Piili, R. C. Joshi
10.5120/13127-0483

Anchit Bijalwan, Meenakshi Thapaliyal, Emmanuel S Piili, R. C. Joshi . Survey and Research Challenges of Botnet Forensics. International Journal of Computer Applications. 75, 7 ( August 2013), 43-50. DOI=10.5120/13127-0483

@article{ 10.5120/13127-0483,
author = { Anchit Bijalwan, Meenakshi Thapaliyal, Emmanuel S Piili, R. C. Joshi },
title = { Survey and Research Challenges of Botnet Forensics },
journal = { International Journal of Computer Applications },
issue_date = { August 2013 },
volume = { 75 },
number = { 7 },
month = { August },
year = { 2013 },
issn = { 0975-8887 },
pages = { 43-50 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume75/number7/13127-0483/ },
doi = { 10.5120/13127-0483 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:44:42.522442+05:30
%A Anchit Bijalwan
%A Meenakshi Thapaliyal
%A Emmanuel S Piili
%A R. C. Joshi
%T Survey and Research Challenges of Botnet Forensics
%J International Journal of Computer Applications
%@ 0975-8887
%V 75
%N 7
%P 43-50
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Botnet has recently been recognized as one of the most significant security threats/worms of the Internet. Latest attacks are increasingly complex, and utilize many strategies in order to perform their intended malicious/hazardous task. Attackers have developed the ability of controlling vast area of infected hosts, characterized by complex executable command set, each involved part in cooperative and coordinated attacks. These papers propose the advanced approach related botnet detection and analysis in the near future. It demonstrates a novel approach of botnet investigations and defense mechanisms.

References
  1. R. Borgaonkar, "An Analysis of the Asprox Botnet," in Fourth International Conference on Emerging Security Information Systems and Technologies (SECURWARE), 2010. , pp. 148-153.
  2. Y. Zeng, X. Hu, and K. G. Shin, "Detection of botnets using combined host-and network-level information," in International Conference on Dependable Systems and Networks (DSN), IEEE/IFIP , 2010 pp. 291-300.
  3. S. -G. Brett, C. Marco, C. Lorenzo, G. Bob, S. Martin, K. Richard, K. Christopher, and V. Giovanni, "Your botnet is my botnet: analysis of a botnet takeover," in Proceedings of the 16th ACM conference on Computer and communications security Chicago, Illinois, USA: ACM, 2009.
  4. L. Wei, M. Tavallaee, G. Rammidi, and A. A. Ghorbani, "BotCop: An Online Botnet Traffic Classifier," in Seventh Annual, Communication Networks and Services Research Conference, CNSR '09. 2009, pp. 70-77.
  5. M. Egele, T. Scholte, E. Kirda, and C. Kruegel, "A survey on automated dynamic malware-analysis techniques and tools," ACM Computing Surveys (CSUR), vol. 44, p. 6.
  6. E. S. Pilli, R. C. Joshi, and R. Niyogi, "Network forensic frameworks: Survey and research challenges," Digital Investigation, vol. 7, pp. 14-27, 2010.
  7. S. r. S. C. Silva, R. M. P. Silva, R. C. G. Pinto, and R. M. Salles, "Botnets: A survey," Computer Networks, 2012.
  8. M. Bailey, E. Cooke, F. Jahanian, X. Yunjing, and M. Karir, "A Survey of Botnet Technology and Defenses," in Conference For Homeland Security,CATCH '09. Cybersecurity Applications & Technology, 2009, pp. 299-304.
  9. J. Dae-il, K. Minsoo, J. Hyun-chul, and N. Bong-Nam, "Analysis of HTTP2P botnet: case study waledac," in IEEE 9th Malaysia International Conference on Communications (MICC), 2009, pp. 409-412.
  10. S. Saad, I. Traore, A. Ghorbani, B. Sayed, D. Zhao, L. Wei, J. Felix, and P. Hakimian, "Detecting P2P botnets through network behavior analysis and machine learning," in Ninth Annual International Conference on Privacy, Security and Trust (PST), 2011, pp. 174-180.
  11. D. Dong, Y. Wu, L. He, G. Huang, and G. Wu, "Deep analysis of intending peer-to-peer botnet," in Seventh International Conference on Grid and Cooperative Computing, 2008. GCC'08. , pp. 407-411.
  12. W. Ping, S. Sparks, and C. C. Zou, "An Advanced Hybrid Peer-to-Peer Botnet," Dependable and Secure Computing, IEEE Transactions on, vol. 7, pp. 113-127.
  13. Y. Kugisaki,Y. Kasahara, Y. Hori, and K. Sakurai, "Bot Detection Based on Traffic Analysis," in International Conference on Intelligent Pervasive Computing, IPC 2007, pp. 303-306.
  14. M. M. Masud, T. Al-khateeb, L. Khan, B. Thuraisingham, and K. W. Hamlen, "Flow-based identification of Botnet traffic by mining multiple log files," in First International Conference on Distributed Framework and Applications, DFmA, 2008, pp. 200-206.
  15. P. Kalakota and C. T. Huang, "On the benefits of early filtering of botnet unwanted traffic," in Proceedings of 18th Internatonal Conference on, Computer Communications and Networks, ICCCN 2009. , pp. 1-6.
  16. X. -n. Li, Y. Liu, and H. Zheng, "Peer-to-Peer botnets: Analysis and defense," in IEEE 3rd International Conference on Communication Software and Networks (ICCSN), 2009, pp. 140-143.
  17. M. Essaaidi, M. Malgeri, C. Badica, I. Kotenko, A. Konovalov, and A. Shorov, "Simulation of Botnets: Agent-Based Approach," in Intelligent Distributed Computing IV. vol. 315: Springer Berlin Heidelberg, 2010, pp. 247-252.
  18. B. AsSadhan, J. M. F. Moura, and D. Lapsley, "Periodic Behavior in Botnet Command and Control Channels Traffic," in Global Telecommunications Conference On GLOBECOM IEEE, 2009, pp. 1-6.
  19. M. Riccardi, D. Oro, J. Luna M. Cremonini, and M. Vilanova, "A framework for financial botnet analysis," in Crime Researchers Summit (eCrime), 2010, pp. 1-7.
  20. S. Goel, F. W. Law, K. P. Chow, P. Y. Lai, and H. S. Tse, "A Host-Based Approach to BotNet Investigation?," in Digital Forensics and Cyber Crime. vol. 31: Springer Berlin Heidelberg, 2010, pp. 161-170.
  21. H. Binsalleeh, T. Ormerod, A. Boukhtouta, P. Sinha, A. Youssef, M. Debbabi, and L. Wang, "On the analysis of the Zeus botnet crimeware toolkit," in Eighth Annual International Conference on Privacy Security and Trust (PST), 2010, pp. 31-38.
  22. K. F. a. A. A. Anders Flaglien, "Identifying Malware Using Cross-Evidence Correlation," Advances in Digital Forensics, vol. VII, pp. 169-182, 2011.
  23. R. Sommer, D. Balzarotti, G. Maier, S. Shin, R. Lin, and G. Gu, "Cross-Analysis of Botnet Victims: New Insights and Implications," in Recent Advances in Intrusion Detection. vol. 6961: Springer Berlin Heidelberg, 2011, pp. 242-261.
  24. Y. Yun, N. Wei, H. Gu-Yu, and L. Hua-Bo, "A Botnet Passiv Propagation and Evolution Model," in Second International Conference on Instrumentation, Measurement, Computer, Communication and Control (IMCCC), IEEE 2012 pp. 71-74.
  25. R. Li, L. Gan, and Y. Jia, "Propagation model for botnet based on conficker monitoring," in Second International Symposium on Information Science and Engineering (ISISE), 2009, 2009, pp. 185-190.
  26. D. Dagon, C. Zou, and W. Lee, "Modeling botnet propagation using time zones," in Proceedings of the 13th annual network and distributed system security symposium (NDSS’06), 2006.
  27. J. C. Wierman and D. J. Marchette, "Modeling computer virus prevalence with a susceptible-infected-susceptible model with reintroduction," Computational Statistics & Data Analysis, vol. 45, pp. 3-23, 2004.
  28. S. Vimercati, P. Syverson, D. Gollmann, F. Freiling, T. Holz, and G. Wicherski, "Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks," in Computer Security â€"ESORICS,vol. 3679: Springer Berlin Heidelberg, 2005, pp. 319-335.
Index Terms

Computer Science
Information Sciences

Keywords

Bots Botnet C&C Analysis