Abstract
The botnet is the network of compromised computers that have fallen under the control of hackers after being infected by malicious programs such as trojan viruses. The compromised machines are mobilized to perform various attacks including mass spamming, distributed denial of service (DDoS) and additional trojans. This is becoming one of the most serious threats to the Internet infrastructure at present. We introduce a method to uncover compromised machines and characterize their behaviors using large email logs. We report various spam campaign variants with different characteristics and introduce a statistical method to combine them. We also report the long-term evolution patterns of the spam campaigns.
| Original language | English |
|---|---|
| Pages (from-to) | 605-615 |
| Number of pages | 11 |
| Journal | Journal of Computer Science and Technology |
| Volume | 28 |
| Issue number | 4 |
| DOIs | |
| Publication status | Published - 2013 Jul |
Bibliographical note
Funding Information:Regular Paper This work was supported by the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (MEST) of Korea under Grant No. 2012R1A2A2A01014729. The preliminary version of the paper was published in the Proceedings of EDB2012. ∗Corresponding Author ①Weber T. Criminals ‘may overwhelm the web’. BBC NEWS, 2007. http://news.bbc.co.uk/2/hi/business/6298641.stm, May 2013. ②Ward M. Tracking down hi-tech crime. BBC NEWS, 2007. http://news.bbc.co.uk/2/hi/technology/5414502.stm, ©2013 Springer Science + Business Media, LLC & Science Press, China
Keywords
- botnet
- botnet evolution
- botnet spamming
ASJC Scopus subject areas
- Software
- Theoretical Computer Science
- Hardware and Architecture
- Computer Science Applications
- Computational Theory and Mathematics