Benchmarking IP blacklists for financial botnet detection

Every day, hundreds or even thousands of computers are infected with financial malware (e.g. Zeus) that forces them to become zombies or drones capable of joining massive financial botnets, which well-organized cyber-criminals can hire to steal online banking customers' credentials. Although detection and mitigation mechanisms for spam and DDoS-related botnets have been widely researched and developed, the passive nature of financial botnets (i.e. low network traffic, fewer connections) greatly hinders countermeasures against them. Cyber-criminals are therefore still obtaining high economic profits at relatively low risk with financial botnets.
