An Analysis of the Zeus Peer-to-Peer Protocol
Zeus is a family of credential-stealing trojans which originally appeared in 2007. The first two variants of Zeus are based on centralized command servers. These command servers are now routinely tracked and blocked by the security community. In an apparent effort to withstand these routine countermeasures, the second version of Zeus was forked into a peer-to-peer variant in September 2011. This paper describes our insights into the topology and communication protocol of the peer-to-peer variant of Zeus.