Botnets, i.e., networks of compromised machines under a common control infrastructure, are commonly controlled by an attacker with the help of a central server: all compromised machines connect to the central server and wait for commands. However, the first botnets that use Peer-to-Peer (P2P) networks for remote control of the compromised machines have recently appeared in the wild. This paper introduces a methodology to analyze and mitigate P2P botnets. In a case study, the paper examines in detail the Storm Worm botnet, the most widespread P2P botnet currently propagating in the wild. The authors were able to infiltrate the botnet and analyze it in depth, which makes it possible to estimate the total number of compromised machines.
- Format: PDF
- Size: 578.4 KB