Mining botnets and their evolution patterns

Jaehoon Choi, Jaewoo Kang, Jinseung Lee, Chihwan Song, Qingsong Jin, Sunwon Lee, Jinsun Uh

Research output: Contribution to journalArticle

Abstract

The botnet is the network of compromised computers that have fallen under the control of hackers after being infected by malicious programs such as trojan viruses. The compromised machines are mobilized to perform various attacks including mass spamming, distributed denial of service (DDoS) and additional trojans. This is becoming one of the most serious threats to the Internet infrastructure at present. We introduce a method to uncover compromised machines and characterize their behaviors using large email logs. We report various spam campaign variants with different characteristics and introduce a statistical method to combine them. We also report the long-term evolution patterns of the spam campaigns.

Original languageEnglish
Pages (from-to)605-615
Number of pages11
JournalJournal of Computer Science and Technology
Volume28
Issue number4
DOIs
Publication statusPublished - 2013 Jul 1

Fingerprint

Spamming
Long Term Evolution (LTE)
Spam
Electronic mail
Computer networks
Viruses
Mining
Statistical methods
Internet
Denial of Service
Electronic Mail
Statistical method
Virus
Infrastructure
Attack
Botnet

Keywords

  • botnet
  • botnet evolution
  • botnet spamming

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Computational Theory and Mathematics
  • Theoretical Computer Science
  • Computer Science Applications

Cite this

Mining botnets and their evolution patterns. / Choi, Jaehoon; Kang, Jaewoo; Lee, Jinseung; Song, Chihwan; Jin, Qingsong; Lee, Sunwon; Uh, Jinsun.

In: Journal of Computer Science and Technology, Vol. 28, No. 4, 01.07.2013, p. 605-615.

Research output: Contribution to journalArticle

Choi, J, Kang, J, Lee, J, Song, C, Jin, Q, Lee, S & Uh, J 2013, 'Mining botnets and their evolution patterns', Journal of Computer Science and Technology, vol. 28, no. 4, pp. 605-615. https://doi.org/10.1007/s11390-013-1361-1
Choi, Jaehoon ; Kang, Jaewoo ; Lee, Jinseung ; Song, Chihwan ; Jin, Qingsong ; Lee, Sunwon ; Uh, Jinsun. / Mining botnets and their evolution patterns. In: Journal of Computer Science and Technology. 2013 ; Vol. 28, No. 4. pp. 605-615.
@article{7b88d1d813324e668afe1e33527f19ed,
title = "Mining botnets and their evolution patterns",
abstract = "The botnet is the network of compromised computers that have fallen under the control of hackers after being infected by malicious programs such as trojan viruses. The compromised machines are mobilized to perform various attacks including mass spamming, distributed denial of service (DDoS) and additional trojans. This is becoming one of the most serious threats to the Internet infrastructure at present. We introduce a method to uncover compromised machines and characterize their behaviors using large email logs. We report various spam campaign variants with different characteristics and introduce a statistical method to combine them. We also report the long-term evolution patterns of the spam campaigns.",
keywords = "botnet, botnet evolution, botnet spamming",
author = "Jaehoon Choi and Jaewoo Kang and Jinseung Lee and Chihwan Song and Qingsong Jin and Sunwon Lee and Jinsun Uh",
year = "2013",
month = "7",
day = "1",
doi = "10.1007/s11390-013-1361-1",
language = "English",
volume = "28",
pages = "605--615",
journal = "Journal of Computer Science and Technology",
issn = "1000-9000",
publisher = "Springer New York",
number = "4",

}

TY - JOUR

T1 - Mining botnets and their evolution patterns

AU - Choi, Jaehoon

AU - Kang, Jaewoo

AU - Lee, Jinseung

AU - Song, Chihwan

AU - Jin, Qingsong

AU - Lee, Sunwon

AU - Uh, Jinsun

PY - 2013/7/1

Y1 - 2013/7/1

N2 - The botnet is the network of compromised computers that have fallen under the control of hackers after being infected by malicious programs such as trojan viruses. The compromised machines are mobilized to perform various attacks including mass spamming, distributed denial of service (DDoS) and additional trojans. This is becoming one of the most serious threats to the Internet infrastructure at present. We introduce a method to uncover compromised machines and characterize their behaviors using large email logs. We report various spam campaign variants with different characteristics and introduce a statistical method to combine them. We also report the long-term evolution patterns of the spam campaigns.

AB - The botnet is the network of compromised computers that have fallen under the control of hackers after being infected by malicious programs such as trojan viruses. The compromised machines are mobilized to perform various attacks including mass spamming, distributed denial of service (DDoS) and additional trojans. This is becoming one of the most serious threats to the Internet infrastructure at present. We introduce a method to uncover compromised machines and characterize their behaviors using large email logs. We report various spam campaign variants with different characteristics and introduce a statistical method to combine them. We also report the long-term evolution patterns of the spam campaigns.

KW - botnet

KW - botnet evolution

KW - botnet spamming

UR - http://www.scopus.com/inward/record.url?scp=84880049303&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84880049303&partnerID=8YFLogxK

U2 - 10.1007/s11390-013-1361-1

DO - 10.1007/s11390-013-1361-1

M3 - Article

VL - 28

SP - 605

EP - 615

JO - Journal of Computer Science and Technology

JF - Journal of Computer Science and Technology

SN - 1000-9000

IS - 4

ER -