2010 43rd Hawaii International Conference on System Sciences (2010)
Koloa, Kauai, Hawaii
Jan. 5, 2010 to Jan. 8, 2010
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2010.81
We present behavioral pattern analysis of fast flux service networks (FFSNs) using our database of FFSNs collected over a period of 12 months with our real-time fast flux network detection algorithm . FFSNs exploit a network of compromised machines (zombies) for illegal activities such as spam campaigns, phishing scams and malware delivery using DNS record manipulation techniques. Our results, which build upon our analysis results , show that such networks share common lifecycle characteristics, and form clusters based on size, growth and type of malicious behavior. In particular, we introduce a social network connectivity metric, and show that (Command and Control and phishing), (malware and spam botnets) have similar scores with this metric.
G. Eaton, D. Drapaeau, A. Caglayan, M. Toothaker and D. Burke, "Behavioral Patterns of Fast Flux Service Networks," 2010 43rd Hawaii International Conference on System Sciences(HICSS), Koloa, Kauai, Hawaii, 1899, pp. 1-9.