Article

Correlation Analysis between Spamming Botnets and Malware Infected Hosts

Authors:

Koji NakaoAuthors Info & Claims

SAINT '11: Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet

Pages 372 - 375

https://doi.org/10.1109/SAINT.2011.71

Published: 18 July 2011 Publication History

Abstract

Many of recent cyber attacks are being launched by botnets for the purpose of carrying out large-scale cyber attacks such as spam emails, Distributed Denial of Service (DDoS), network scanning and so on. In many cases, these botnets consist of a lot of bots or zombie PCs which have been infected by a specific malware, and they try to propagate themselves into other victim systems through the Internet. In order to mitigate heavy damage of botnet based cyber attacks, it is needed to better understand the basic infrastructure of botnets as well as the underlying malwares of them. In this paper, we carried out correlation analysis between 10 spamming botnets identified by analyzing 3 weeks of spam emails in our previous work and malware infected hosts that observed at our darknets and honey pots. By comparing members (i.e., bots) of 10 spamming botnets with source hosts of dark net and honey pot traffic, we found that 7.2% ~ 37.5% of spamming botnets has been infected by four different malwares at least.

Cited By

View all

Bou-Harb ELakhdari NBinsalleeh HDebbabi M(2018)Multidimensional investigation of source port 0 probingDigital Investigation: The International Journal of Digital Forensics & Incident Response10.5555/2838421.283845111:S2(S114-S123)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.5555/2838421.2838451
Ban TZhu LShimamura JPang SInoue DNakao K(2012)Behavior analysis of long-term cyber attacks in the darknetProceedings of the 19th international conference on Neural Information Processing - Volume Part V10.1007/978-3-642-34500-5_73(620-628)Online publication date: 12-Nov-2012
https://dl.acm.org/doi/10.1007/978-3-642-34500-5_73

Index Terms

Correlation Analysis between Spamming Botnets and Malware Infected Hosts
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Index terms have been assigned to the content through auto-classification.

Recommendations

Spamming botnets: signatures and characteristics

In this paper, we focus on characterizing spamming botnets by leveraging both spam payload and spam server traffic properties. Towards this goal, we developed a spam signature generation framework called AutoRE to detect botnet-based spam emails and ...
The Next Malware Battleground: Recovery After Unknown Infection

Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...
Spamming botnets: signatures and characteristics
SIGCOMM '08: Proceedings of the ACM SIGCOMM 2008 conference on Data communication

In this paper, we focus on characterizing spamming botnets by leveraging both spam payload and spam server traffic properties. Towards this goal, we developed a spam signature generation framework called AutoRE to detect botnet-based spam emails and ...

Comments

Information & Contributors

Information

Published In

SAINT '11: Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet

July 2011

595 pages

ISBN:9780769544236

Publisher

IEEE Computer Society

United States

Publication History

Published: 18 July 2011

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Bou-Harb ELakhdari NBinsalleeh HDebbabi M(2018)Multidimensional investigation of source port 0 probingDigital Investigation: The International Journal of Digital Forensics & Incident Response10.5555/2838421.283845111:S2(S114-S123)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.5555/2838421.2838451
Ban TZhu LShimamura JPang SInoue DNakao K(2012)Behavior analysis of long-term cyber attacks in the darknetProceedings of the 19th international conference on Neural Information Processing - Volume Part V10.1007/978-3-642-34500-5_73(620-628)Online publication date: 12-Nov-2012
https://dl.acm.org/doi/10.1007/978-3-642-34500-5_73

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Spamming botnets: signatures and characteristics

The Next Malware Battleground: Recovery After Unknown Infection

Spamming botnets: signatures and characteristics

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations