Toronto Networking Seminar



Covertly Tracking a Large Collection of Botnets

Fabian Monrose
Department of Computer Science
 Johns Hopkins University

Date:  Friday, December 1,  3pm
Location: BA1170 (Bahen Center)

Abstract:

While the academic community has long acknowledged the existence of botnets, relatively little is known about the behavior of these distributed platforms. For instance, botnet prevalence on the Internet remains mostly a mystery. In this talk, I'll present our efforts to clear the fog surrounding botnets by constructing a multifaceted and distributed measurement platform. In particular, our approach makes use of several techniques to covertly track botnets from both an insider's view and from a global perspective. During the course of over 3 months, we covertly tracked well over 100 botnets, and discovered some fairly intriguing findings (at least to us) regarding the botnet phenomenon. Time permitting, I will also touch on several challenges and limitations of current practices to curtail the botnet problem.

This is joint work with Moheeb Rajab, Jay Zarfoss and Andreas Terzis.