A Model for Covert Botnet Communication in a Private Subnet

Authors

Brandon Shirley
Chad D. Mano

Document Type

Article

Journal/Book Title/Conference

A. Das et Al

Publication Date

1-1-2008

First Page

624

Last Page

632

Abstract

Recently, botnets utilizing peer-to-peer style communication infrastructures have been discovered, requiring new approaches to detection and monitoring techniques. Current detection methods analyze network communication patterns, identifying systems that may have been recruited into the botnet. This paper presents a localized botnet communication model that enables a portion of compromised systems to hide from such detection techniques without a potentially significant increase in network monitoring points. By organizing bot systems at the the subnet level the amount of communication with the outside network is greatly reduced, requiring switch-level monitoring to identify infected systems.

Recommended Citation

Shirley, Brandon and Mano, Chad D., "A Model for Covert Botnet Communication in a Private Subnet" (2008). Space Dynamics Laboratory Publications. Paper 115.
https://digitalcommons.usu.edu/sdl_pubs/115