Social Networking for Botnet Command and Control

Full Text (PDF, 510KB), pp. 11-17


Author(s)

Ashutosh Singh 1,*, Annie H. Toderici 1, Kevin Ross 1, Mark Stamp 1

1. San Jose State University, San Jose, California

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2013.06.02

Received: 18 Sep. 2012 / Revised: 15 Dec. 2012 / Accepted: 10 Feb. 2013 / Published: 8 May 2013

Index Terms

Botnet, Twitter, malware

Abstract

A botnet is a group of compromised computers—often a large group—under the command and control of a malicious botmaster. Botnets can be used for a wide variety of malicious attacks, including spamming, distributed denial of service, and identity theft. Botnets are generally recognized as a serious threat on the Internet. This paper discusses SocialNetworkingBot, a botnet we have developed that uses Twitter for command and control. In SocialNetworkingBot, the botmaster tweets commands that are acted on by the individual bots. We discuss the functionality and implementation of SocialNetworkingBot, as well as a small-scale experiment that we have conducted. The botnet presented here is intended to serve as a proof of concept and a platform to facilitate further research.

Cite This Paper

Ashutosh Singh, Annie H. Toderici, Kevin Ross, Mark Stamp, "Social Networking for Botnet Command and Control", International Journal of Computer Network and Information Security (IJCNIS), vol. 5, no. 6, pp. 11-17, 2013. DOI: 10.5815/ijcnis.2013.06.02
