Issue No.01 - January/February (2011 vol.9)
pp: 64-72
Brett Stone-Gross, University of California, Santa Barbara
Marco Cova, University of California, Santa Barbara
Bob Gilbert, University of California, Santa Barbara
Richard Kemmerer, University of California, Santa Barbara
Christopher Kruegel, University of California, Santa Barbara
Giovanni Vigna, University of California, Santa Barbara
ABSTRACT
Botnets, networks of malware-infected machines (bots) that are controlled by an adversary, are the root cause of a large number of security problems on the Internet. A particularly sophisticated and insidious type of bot is Torpig, a malware program designed to harvest sensitive information (such as bank account and credit-card data) from its victims. In this article, the authors report on their efforts to take control of the Torpig botnet and study its operations for a period of 10 days. During this time, they observed more than 180,000 infections and recorded almost 70 Gbytes of data that the bots collected. They also report on what happened in the year that has passed since they lost control of the Torpig botnet.
INDEX TERMS
botnets, malware, malware analysis
CITATION
Brett Stone-Gross, Marco Cova, Bob Gilbert, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna, "Analysis of a Botnet Takeover", IEEE Security & Privacy, vol.9, no. 1, pp. 64-72, January/February 2011, doi:10.1109/MSP.2010.144