Traceback Framework against Botmaster by Sharing Network Communication Pattern Information

In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communicati...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Mizoguchi, S., Takemori, K., Miyake, Y., Hori, Y., Sakurai, K.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 644
container_issue
container_start_page 639
container_title
container_volume
creator Mizoguchi, S.
Takemori, K.
Miyake, Y.
Hori, Y.
Sakurai, K.
description In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become to C&C server will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.
doi_str_mv 10.1109/IMIS.2011.152
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_5976289</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5976289</ieee_id><sourcerecordid>5976289</sourcerecordid><originalsourceid>FETCH-LOGICAL-i90t-bfbc8d41cd07ded88c1406626fa266d77d67a87d5f00c68ef7535c715fde65053</originalsourceid><addsrcrecordid>eNotzM1KAzEUhuGICGqdpSs3uYGpJ8kkJ7PUYutA_YF25aZk8lNjnRnJRKR3b6muPnh5-Ai5ZjBlDOrb5qlZTTkwNmWSn5CiRg2oalkJ5HhKLpliXFcoBDsnxTh-ABwsKAHigrytk7G-NXZH58l0_mdIO2q2JvZjpvdD7syYfaLtnq7eTYr9lj77fESzoeu--2hNjkNPX00-uJ42fRhSd2xX5CyYz9EX_zsh6_nDevZYLl8WzexuWcYactmG1mpXMesAnXdaW1aBUlwFw5VyiE6h0ehkALBK-4BSSItMBueVBCkm5ObvNnrvN18pdibtN7JGxXUtfgFhW1PZ</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Traceback Framework against Botmaster by Sharing Network Communication Pattern Information</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Mizoguchi, S. ; Takemori, K. ; Miyake, Y. ; Hori, Y. ; Sakurai, K.</creator><creatorcontrib>Mizoguchi, S. ; Takemori, K. ; Miyake, Y. ; Hori, Y. ; Sakurai, K.</creatorcontrib><description>In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&amp;C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&amp;C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become to C&amp;C server will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.</description><identifier>ISBN: 1612847331</identifier><identifier>ISBN: 9781612847337</identifier><identifier>EISBN: 9780769543727</identifier><identifier>EISBN: 0769543723</identifier><identifier>DOI: 10.1109/IMIS.2011.152</identifier><language>eng</language><publisher>IEEE</publisher><subject>botmaster traceback ; botnet ; Communities ; Computer crime ; Malware ; Mobile communication ; Servers ; Ubiquitous computing ; Web and internet services</subject><ispartof>2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, 2011, p.639-644</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5976289$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,777,781,786,787,2052,27906,54901</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5976289$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Mizoguchi, S.</creatorcontrib><creatorcontrib>Takemori, K.</creatorcontrib><creatorcontrib>Miyake, Y.</creatorcontrib><creatorcontrib>Hori, Y.</creatorcontrib><creatorcontrib>Sakurai, K.</creatorcontrib><title>Traceback Framework against Botmaster by Sharing Network Communication Pattern Information</title><title>2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing</title><addtitle>imis</addtitle><description>In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&amp;C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&amp;C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become to C&amp;C server will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.</description><subject>botmaster traceback</subject><subject>botnet</subject><subject>Communities</subject><subject>Computer crime</subject><subject>Malware</subject><subject>Mobile communication</subject><subject>Servers</subject><subject>Ubiquitous computing</subject><subject>Web and internet services</subject><isbn>1612847331</isbn><isbn>9781612847337</isbn><isbn>9780769543727</isbn><isbn>0769543723</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2011</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotzM1KAzEUhuGICGqdpSs3uYGpJ8kkJ7PUYutA_YF25aZk8lNjnRnJRKR3b6muPnh5-Ai5ZjBlDOrb5qlZTTkwNmWSn5CiRg2oalkJ5HhKLpliXFcoBDsnxTh-ABwsKAHigrytk7G-NXZH58l0_mdIO2q2JvZjpvdD7syYfaLtnq7eTYr9lj77fESzoeu--2hNjkNPX00-uJ42fRhSd2xX5CyYz9EX_zsh6_nDevZYLl8WzexuWcYactmG1mpXMesAnXdaW1aBUlwFw5VyiE6h0ehkALBK-4BSSItMBueVBCkm5ObvNnrvN18pdibtN7JGxXUtfgFhW1PZ</recordid><startdate>201106</startdate><enddate>201106</enddate><creator>Mizoguchi, S.</creator><creator>Takemori, K.</creator><creator>Miyake, Y.</creator><creator>Hori, Y.</creator><creator>Sakurai, K.</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>201106</creationdate><title>Traceback Framework against Botmaster by Sharing Network Communication Pattern Information</title><author>Mizoguchi, S. ; Takemori, K. ; Miyake, Y. ; Hori, Y. ; Sakurai, K.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i90t-bfbc8d41cd07ded88c1406626fa266d77d67a87d5f00c68ef7535c715fde65053</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2011</creationdate><topic>botmaster traceback</topic><topic>botnet</topic><topic>Communities</topic><topic>Computer crime</topic><topic>Malware</topic><topic>Mobile communication</topic><topic>Servers</topic><topic>Ubiquitous computing</topic><topic>Web and internet services</topic><toplevel>online_resources</toplevel><creatorcontrib>Mizoguchi, S.</creatorcontrib><creatorcontrib>Takemori, K.</creatorcontrib><creatorcontrib>Miyake, Y.</creatorcontrib><creatorcontrib>Hori, Y.</creatorcontrib><creatorcontrib>Sakurai, K.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mizoguchi, S.</au><au>Takemori, K.</au><au>Miyake, Y.</au><au>Hori, Y.</au><au>Sakurai, K.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Traceback Framework against Botmaster by Sharing Network Communication Pattern Information</atitle><btitle>2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing</btitle><stitle>imis</stitle><date>2011-06</date><risdate>2011</risdate><spage>639</spage><epage>644</epage><pages>639-644</pages><isbn>1612847331</isbn><isbn>9781612847337</isbn><eisbn>9780769543727</eisbn><eisbn>0769543723</eisbn><abstract>In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&amp;C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&amp;C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become to C&amp;C server will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.</abstract><pub>IEEE</pub><doi>10.1109/IMIS.2011.152</doi><tpages>6</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 1612847331
ispartof 2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, 2011, p.639-644
issn
language eng
recordid cdi_ieee_primary_5976289
source IEEE Electronic Library (IEL) Conference Proceedings
subjects botmaster traceback
botnet
Communities
Computer crime
Malware
Mobile communication
Servers
Ubiquitous computing
Web and internet services
title Traceback Framework against Botmaster by Sharing Network Communication Pattern Information
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-19T04%3A33%3A55IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Traceback%20Framework%20against%20Botmaster%20by%20Sharing%20Network%20Communication%20Pattern%20Information&rft.btitle=2011%20Fifth%20International%20Conference%20on%20Innovative%20Mobile%20and%20Internet%20Services%20in%20Ubiquitous%20Computing&rft.au=Mizoguchi,%20S.&rft.date=2011-06&rft.spage=639&rft.epage=644&rft.pages=639-644&rft.isbn=1612847331&rft.isbn_list=9781612847337&rft_id=info:doi/10.1109/IMIS.2011.152&rft_dat=%3Cieee_6IE%3E5976289%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&rft.eisbn=9780769543727&rft.eisbn_list=0769543723&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5976289&rfr_iscdi=true