A First Step towards Live Botmaster Traceback

@inproceedings{Ramsbrock2008AFS,
  title={A First Step towards Live Botmaster Traceback},
  author={Daniel Ramsbrock and Xinyuan Wang and Xuxian Jiang},
  booktitle={RAID},
  year={2008}
}
Despite the increasing botnet threat, research in the area of botmaster traceback is limited. The four main obstacles are 1) the low-traffic nature of the bot-to-botmaster link; 2) chains of “stepping stones;” 3) the use of encryption along these chains; and 4) mixing with traffic from other bots. Most existing traceback approaches can address one or two of these issues, but no single approach can overcome all of them. We present a novel flow watermarking technique to address all four obstacles… CONTINUE READING
Highly Cited
This paper has 41 citations. REVIEW CITATIONS