An Usage-Centric Botnet Taxonomy

Czosseck, Christian; Podins, Karlis
January 2011
Proceedings of the European Conference on Information Warfare & ;2011, p65
Conference Proceeding
Botnets have been a recognized threat to computer security for several years. On the timeline of malware development, they can be seen as the latest evolutionary step. Criminals have taken advantage of this new technol-ogy and cyber crime has grown to become a serious and sophisticated problem which law enforcement still finds difficult to deal with. In the past few years we are witnessing a movement away from cyber crime. Nation states be-come the target of attacks as well as actively using botnets to project their own power in the political or military do-main. To study the new and emerging cases of botnet usage we propose an usage-centric botnet taxonomy. Al-though there are already a number of botnet taxonomies published, most of them have a technical viewpoint and often consider cyber crime as the major driver to use botnets. While it may be true for now, we believe that such ap-proach might not be holistic enough to describe the current and future developments. Besides the trend of special-ized botnets being developed, the number of botnet users is increasing, with new motivations coming along. The taxonomy proposed in this paper takes a different viewpoint by focusing less on technical attributes than on the ac-tors using botnets and the functionality requested by them. Major difference from existing research is that proposed taxonomy classifies instances of botnet use. Based on existing taxonomies, case studies of recent botnet incidents and cyber warfare doctrines of selected nation-states, we explore theoretical and already seen ways of botnet usage. We propose new classification of botnets based on their technological attributes, the users and the intended effects on the target to provide a holistic picture of the current situation. We also test the proposed taxonomy on seven in-stances of botnet use.


Related Articles

  • Today's Attackers Can Find the Needle. Mimoso, Michael S.; Savage, Marcia // Information Security;Jun2006, Vol. 9 Issue 6, p24 

    This article discusses the type of for-profit crime plaguing the Internet. Today's hackers want customer data and intellectual property and they also want to infiltrate government agencies. Stealth technology that are being used by attackers include rootkits which are bundled in spyware. Ways to...

  • Computer security in academia-a potential roadblock to distributed annotation of the human genome. Greenbaum, Dov; Douglas, Shawn M; Smith, Andrew; Lim, Joanna; Fischer, Michael; Schultz, Martin; Gerstein, Mark // Nature Biotechnology;Jun2004, Vol. 22 Issue 6, p771 

    With the Blaster and SoBig virus outbreaks of the past summer and the daily nuisance of spam, computer security is, unfortunately, grabbing headlines. They directly increase the costs of using interoperating computers, diverting scarce resources from other activities. Modern science is...

  • ID Theft: Keep Your Information to Yourself. Perry, Phillip // Rural Telecommunications;Mar/Apr2004, Vol. 23 Issue 2, p62 

    Presents tips to protect information on computers from identity theft. Ways to block the attack of computer hackers; Advice to reduce overall computer security risks; Information on computer virus and trojan horse software.

  • Order of the day Integrated Security. Jain, Sanjeev // Siliconindia;Feb2005, Vol. 9 Issue 1, p34 

    The article discusses antivirus company McAfee Security's integrated solution for computer security. It delivers comprehensive protection from malicious threats under one management console, providing customers with a greater degree of control for detecting known and unknown threats....

  • The rise of cyber-crime families. Prince, Brian // eWeek;7/21/2008, Vol. 25 Issue 22, p16 

    The article offers information on the Cyber-crime organizations in the U.S. These group collaborate around a classic Mafia-style model. Research shows that the organization's computer threats have grown more sophisticated wherein individual hackers are replaced with a well-structured...

  • Fight next security war. Lundquist, Eric // eWeek;5/23/2005, Vol. 22 Issue 21, p26 

    The article focuses on computer security. According to the author, in the future security will be treated as a service by the internal technology staff or purchased via subscription from an outside provider. The days of piecemeal security upgrades and client to client scrambles are quickly...

  • Computing insecurity. Gonsalves, Chris // eWeek;5/23/2005, Vol. 22 Issue 21, p32 

    The article focuses on computer security. A computer virus Trojan sits quietly on an infected machine until a user authenticates to an online banking site with a token. The authentication prompts the Trojan to action, where it opens a background session with the user's online banking site,...

  • New research predicts digital Armageddon.  // MarketWatch: Technology;February 2005, Vol. 4 Issue 2, p23 

    Reports on a survey aimed to collect predictions on how the Internet will affect society in the next decade in the U.S. Indications showing a wide agreement among expert respondents that at least one devastating attack will occur on the networked information infrastructure; Contentions over the...

  • The reaction to WMF.  // SC Magazine: For IT Security Professionals (UK Edition);Feb2006, p18 

    The article focuses on a security flaw announced by Microsoft Corp. in February 2006. The security flaw seems to affect virtually every single version of Windows right back to version 3.0. The threat is one of the most pervasive threats to hit the Internet since 2004, according to the findings...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics