• Corpus ID: 6155039

A Survey of Advances in Botnet Technologies

  title={A Survey of Advances in Botnet Technologies},
  author={Nathan Goodman},
  • N. Goodman
  • Published 3 February 2017
  • Computer Science
  • ArXiv
Botnets have come a long way since their inception a few decades ago. Originally toy programs written by network hobbyists, modern-day botnets can be used by cyber criminals to steal billions of dollars from users, corporations, and governments. This paper will look at cutting-edge botnet features and detection strategies from over a dozen research papers, supplemented by a few additional sources. With this data, I will then hypothesize what the future of botnets might hold. 

Detecting Botnet Victims Through Graph-Based Machine Learning

BiSAGE; a graph-based machine learning technique capable of detecting the compromised hosts (bot victims) operating on a network is introduced and it is shown that BiSAGE is able to accurately identify bot victims without requiring any labelled samples of botnet activity.

BotCensor: Detecting DGA-Based Botnet Using Two-Stage Anomaly Detection

  • Biao QiJianguo JiangZhixin ShiRui MaoQiwen Wang
  • Computer Science
    2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
  • 2018
BotCensor is a new system that can determine if a host is infected with certain DGA malware with two-stage anomaly detection, and performs very well on identifying previously unknown DGA-generated domains and detects DGA bots with high efficiency and efficacy.

Bot or Not? A Case Study on Bot Recognition from Web Session Logs

This work reports on a study of web usage logs to verify whether it is possible to achieve good recognition rates in the task of distinguishing between human users and automated bots using

Botnet Monitoring Mechanisms on Peer-to-Peer (P2p) Botnet

The purpose of this paper is to study the ways to monitor a botnet and how monitoring mechanism works and previous work about each mechanism is present.

Analysis of Intrusion Detection Approaches for Network Traffic Anomalies with Comparative Analysis on Botnets (2008–2020)

This review paper depicts the botnet examined in three domains: preview of botnets, observation, and analysis ofbotnets, apart from keeping track of them and protecting against them too.

A self‐learning stream classifier for flow‐based botnet detection

A self‐learning botnet detection system is proposed, which uses an ensemble classifier and, in order to enhance its generalization capacity, updates its model continuously on receiving new unlabeled traffic flows.

Review of Advanced Monitoring Mechanisms in Peer-to-Peer (P2P) Botnets

The purpose of this paper is to study the ways to monitor a botnet and how monitoring mechanism works and previous work about each mechanism is present.

Detection of Algorithmically Generated Malicious Domain

An approach for detecting DGA using frequency analysis of the character distribution and the weighted scores of the domain names is presented, showing that domain names made up of English characters “a-z” achieving a weighted score of < 45 are often associated with DGA.

Towards Developing Network forensic mechanism for Botnet Activities in the IoT based on Machine Learning Techniques

Investigating the role of ML techniques for developing a Network forensic mechanism based on network flow identifiers that can track suspicious activities of botnets revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets attacks and their tracks.

Security Hardening of Botnet Detectors Using Generative Adversarial Networks

The empirical results demonstrate the effectiveness of the GAN-based oversampling for learning in advance the adversarial evasion attacks on botnet detectors.



Botnets: A survey

On botnets

The status of the botnets, how they work, and how they may be defeated are reviewed.

A Survey of Botnet Technology and Defenses

This survey paper provides a brief look at how existing botnet research, the evolution and future of botnets, as well as the goals and visibility of today’s networks intersect to inform the field of botnet technology and defense.

Taking down botnets

  • S. Gold
  • Computer Science
    Netw. Secur.
  • 2011

Botcoin: Monetizing Stolen Cycles

This work conducts the first comprehensive study of Bitcoin mining malware, and deduces the amount of money a number of mining botnets have made by carefully reconstructing the Bitcoin transaction records.

Automatically Generating Payload-Based Models for Botnet Detection

A novel approach that can automatically generate effective payload-based models purely based on the traffic of actual bot instances instead of signatures hand-tuned by human experts is proposed.

Socellbot: A new botnet design to infect smartphones via online social networking

  • M. R. FaghaniU. T. Nguyen
  • Computer Science
    2012 25th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE)
  • 2012
This paper proposes a new cellular botnet named SoCellBot that exploits online social networks (OSNs) to recruit bots and uses OSN messaging systems as communication channels between bots.

POSTER: A Lightweight Unknown HTTP Botnets Detecting and Characterizing System

The results of preliminary experiments conducted indicate that the proposed approach can accurately detect unknown HTTP botnets (such as SpyEye and ZeuS) with low false positive rates and generate their signatures automatically.

Survey and taxonomy of botnet research through life-cycle

A taxonomy of botnet research is proposed and it is concluded that all attempts to defeat botnets should be focused on one or more stages of this life-cycle, defined as the sequence of stages a botnet needs to pass through in order to reach its goal.