So You Want to Take Over a Botnet... presented at 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats 2012

by Dave Dittrich

Tags: Botnets


Summary: Computer criminals regularly construct large distributed attack networks comprised of many thousands of compromised computers around the globe. Once constituted, these attack networks are used to perform computer crimes, creating yet other sets of victims of secondary computer crimes, such as denial of service attacks, spam delivery, theft of personal and financial information for performing fraud, exfiltration of proprietary information for competitive advantage (industrial espionage), etc.
The arms race between criminal actors who create and operate botnets and the computer security industry and research community who are actively trying to take these botnets down is escalating in aggressiveness. As the sophistication level of botnet engineering and operations increases, so does the demand on reverse engineering, understanding weaknesses in design that can be exploited on the defensive (or counter-offensive) side, and the possibility that actions to take down or eradicate the botnet may cause unintended consequences.