Using coverage analysis to extract Botnet command-and-control protocol

Cited by: 0
Authors
Wang, Zhi [1]
Cai, Ya-Yun [1]
Liu, Lu [1]
Jia, Chun-Fu [1]
Affiliation
[1] College of Computer and Control Engineering, Nankai University, Tianjin 300071, China
Abstract
There are some inherent patterns in the bot execution trace coverage of basic blocks. Using these patterns, an approach was proposed to infer the botnet command-and-control protocol (C&C protocol). Without intermediate representation of binary code and constraint solving, this approach has a lower time and space overhead. This coverage analysis approach was evaluated on 3 famous botnets: Zeus, Sdbot and Agobot. The results show that this approach can accurately and efficiently extract the botnet control commands. The completeness of the extracted control commands can be verified by checking whether all available basic blocks in the bot are covered by the traces triggered by the control commands.
DOI
10.3969/j.issn.1000-436x.2014.01.018
Pages: 156-166
Related papers
50 in total
  • [21] THE WHAT, WHO, HOW, AND WHY OF GPALS COMMAND-AND-CONTROL
    KOHOUT, JJ
    COMPARATIVE STRATEGY, 1992, 11 (02) : 149 - 161
  • [22] Detecting malware based on expired command-and-control traffic
    Zou, Futai
    Zhang, Siyu
    Li, Linsen
    Pan, Li
    Li, Jianhua
    INTERNATIONAL JOURNAL OF DISTRIBUTED SENSOR NETWORKS, 2017, 13 (07):
  • [23] Decision making in complex naval command-and-control environments
    Kaempf, GL
    Klein, G
    Thordsen, ML
    Wolf, S
    HUMAN FACTORS, 1996, 38 (02) : 220 - 231
  • [24] A hierarchical hybrid structure for botnet control and command
    Beijing University of Posts and Telecommunications, Beijing 100876, China
    Unknown
    Unknown
    Proc. - IEEE Int. Conf. Comput. Sci. Autom. Eng., CSAE, (483-489):
  • [25] Design of a Hybrid Command and Control Mobile Botnet
    Pieterse, Heloise
    Olivier, Martin
    PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY (ICIW-2013), 2013, : 183 - 192
  • [26] Mathematical Modeling of Command-and-Control Strategies in Crowd Movement
    Feng, Lei
    Miller-Hooks, Elise
    Brannigan, Vincent
    TRANSPORTATION RESEARCH RECORD, 2014, (2459) : 47 - 53
  • [27] Evaluating Bluetooth as a Medium for Botnet Command and Control
    Singh, Kapil
    Sangal, Samrit
    Jain, Nehil
    Traynor, Patrick
    Lee, Wenke
    DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, 2010, 6201 : 61 - 80
  • [28] Remote command-and-control of imaging payloads using commercial off-the-shelf technology
    Herwitz, SR
    Leung, JG
    Higgins, RG
    Dunagan, SE
    Arvesen, JC
    IGARSS 2002: IEEE INTERNATIONAL GEOSCIENCE AND REMOTE SENSING SYMPOSIUM AND 24TH CANADIAN SYMPOSIUM ON REMOTE SENSING, VOLS I-VI, PROCEEDINGS: REMOTE SENSING: INTEGRATING OUR VIEW OF THE PLANET, 2002, : 2726 - 2728
  • [29] Can an Incentivized Command-and-Control Approach Improve Groundwater Management? An Analysis of Indian Punjab
    Bhatia, Sahil
    Singh, S. P.
    SUSTAINABILITY, 2023, 15 (22)
  • [30] From command-and-control to good forest governance: A critical interpretive analysis of Lithuania and Slovakia
    Makrickiene, Ekaterina
    Brukas, Vilis
    Brodrechtova, Yvonne
    Mozgeris, Gintautas
    Sedmak, Robert
    Salka, Jaroslav
    FOREST POLICY AND ECONOMICS, 2019, 109