By Topic

A recoverable hybrid C&C botnet

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Chaoge Liu ; Beijing Univ. of Posts & Telecommun., Beijing, China ; Weiqing Lu ; Zhiqi Zhang ; Peng Liao
more authors

In this paper, we introduce the possible design of such a botnet called CoolBot which exploits a novel hybrid command and control (C&C) structure - hybrid P2P and URL Flux. The proposed CoolBot would have extremely desirable features - robustness and recoverability, that is, it could not only defend against popular attacks such as Sybil and routing table pollution attack but also could recover its C&C channel in a tolerable delay in case most of critical resources are destroyed, which promise to be appealing for botmasters. Our preliminary results show that the design of CoolBot is feasible and hard to defend against, consequently posing potential threat for Internet security. The goal of our work is to increase the understanding of advanced botnets which will promote the development of more efficient countermeasures. To conclude our paper, we suggest possible defenses against the emerging threat.

Published in:

Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on

Date of Conference:

18-19 Oct. 2011