Show simple item record

dc.contributor.authorLim, Jungheeen_US
dc.contributor.authorReps, Thomasen_US
dc.date.accessioned2012-03-15T17:24:41Z
dc.date.available2012-03-15T17:24:41Z
dc.date.created2010en_US
dc.date.issued2010en_US
dc.identifier.citationTR1668en_US
dc.identifier.urihttp://digital.library.wisc.edu/1793/60696
dc.description.abstractBotnets are a major threat to the security of computer systems and the Internet. An increasing number of individual Internet sites have been compromised by attacks from all across the world to become part of various kinds of malicious botnets. The Internet security research community has made significant efforts to identify botnets, to collect data on their activities, and to develop techniques for detection, mitigation, and disruption. One way of analyzing the behavior of bots is to run the bot executables and observe their actions. For this to be possible, one needs proper input commands that trigger malicious behaviors. However, it is difficult and time-consuming to manually infer botnet commands from binaries. In this paper, we present a tool called BCE for automatically extracting botnet-command information from bot executables. Our experiments showed that the new search strategies developed for BCE yielded both substantially higher coverage of the parts of the program relevant to identifying bot commands, as well as lowered run-time.en_US
dc.format.mimetypeapplication/pdfen_US
dc.publisherUniversity of Wisconsin-Madison Department of Computer Sciencesen_US
dc.titleBCE: Extracting Botnet Commands from Bot Executablesen_US
dc.typeTechnical Reporten_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

  • CS Technical Reports
    Technical Reports Archive for the Department of Computer Sciences at the University of Wisconsin-Madison

Show simple item record