Botnet Mapping Based on Intersections of Traces

Erez Alfasi, Gil Einziger

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Volumetric attacks are a growing concern for current Internet services. These attacks overwhelm Internet services with requests that prevent legitimate users from accessing the service or dramatically increase operational costs. While bot networks account for most volumetric attacks, the current approaches focus on mitigating a single attack. Our work argues that botnets create distinct patterns that can be detected by analyzing multiple traces from previous attacks. We formalize this idea into concrete bot network mapping algorithms and demonstrate their effectiveness in diverse conditions. Such a mapping implies that mitigation of future attacks is considerably easier, threatening the business model behind bot networks.

Original languageEnglish
Title of host publicationICDCN 2022 - Proceedings of the 2022 International Conference on Distributed Computing and Networking
PublisherAssociation for Computing Machinery
Pages198-207
Number of pages10
ISBN (Electronic)9781450395601
DOIs
StatePublished - 4 Jan 2022
Event23rd International Conference on Distributed Computing and Networking, ICDCN 2022 - Virtual, Online, India
Duration: 4 Jan 20227 Jan 2022

Publication series

NameACM International Conference Proceeding Series

Conference

Conference23rd International Conference on Distributed Computing and Networking, ICDCN 2022
Country/TerritoryIndia
CityVirtual, Online
Period4/01/227/01/22

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Botnet Mapping Based on Intersections of Traces'. Together they form a unique fingerprint.

Cite this