eventtitle = {{ICC} 2016 - 2016 {IEEE} International Conference on Communications},
pages = {1--7},
booktitle = {2016 {IEEE} International Conference on Communications ({ICC})},
publisher = {{IEEE}},
author = {Karuppayah, Shankar and Vasilomanolakis, Emmanouil and Haas, Steffen and Muhlhauser, Max and Fischer, Mathias},
urldate = {2021-11-12},
date = {2016-05},
file = {Karuppayah et al. - 2016 - BoobyTrap On autonomously detecting and character.pdf:/home/me/Zotero/storage/UAUH5ZAN/Karuppayah et al. - 2016 - BoobyTrap On autonomously detecting and character.pdf:application/pdf}
title = {{{SensorBuster}}: {{On Identifying Sensor Nodes}} in {{P2P Botnets}}},
shorttitle = {{{SensorBuster}}},
booktitle = {Proceedings of the 12th {{International Conference}} on {{Availability}}, {{Reliability}} and {{Security}}},
author = {Karuppayah, Shankar and Böck, Leon and Grube, Tim and Manickam, Selvakumar and Mühlhäuser, Max and Fischer, Mathias},
date = {2017-08-29},
pages = {1--6},
publisher = {{Association for Computing Machinery}},
location = {{New York, NY, USA}},
doi = {10.1145/3098954.3098991},
url = {https://doi.org/10.1145/3098954.3098991},
urldate = {2021-03-23},
abstract = {The ever-growing number of cyber attacks originating from botnets has made them one of the biggest threat to the Internet ecosystem. Especially P2P-based botnets like ZeroAccess and Sality require special attention as they have been proven to be very resilient against takedown attempts. To identify weaknesses and to prepare takedowns more carefully it is thus a necessity to monitor them by crawling and deploying sensor nodes. This in turn provokes botmasters to come up with monitoring countermeasures to protect their assets. Most existing anti-monitoring countermeasures focus mainly on the detection of crawlers and not on the detection of sensors deployed in a botnet. In this paper, we propose two sensor detection mechanisms called SensorRanker and SensorBuster. We evaluate these mechanisms in two real world botnets, Sality and ZeroAccess. Our results indicate that SensorRanker and SensorBuster are able to detect up to 17 sensors deployed in Sality and four within ZeroAccess.},
file = {/home/me/Zotero/storage/ZDUFTXYY/Karuppayah et al. - 2017 - SensorBuster On Identifying Sensor Nodes in P2P B.pdf},
abstract = {The importance of a Web page is an inherently subjective matter, which depends on the readers interests, knowledge and attitudes. But there is still much that can be said objectively about the relative importance of Web pages. This paper describ es PageRank, a method for rating Web pages objectively and mechanically, effectively measuring the human interest and attention devoted to them. We compare PageRank to an idealized random Web surfer. We show how to efficiently compute PageRank for large numbers of pages. And, we show how to apply PageRank to search and to user navigation.}
eventtitle = {2013 {IEEE} Symposium on Security and Privacy ({SP}) Conference dates subject to change},
pages = {97--111},
booktitle = {2013 {IEEE} Symposium on Security and Privacy},
publisher = {{IEEE}},
author = {Rossow, Christian and Andriesse, Dennis and Werner, Tillmann and Stone-Gross, Brett and Plohmann, Daniel and Dietrich, Christian J. and Bos, Herbert},
urldate = {2022-03-15},
date = {2013-05},
file = {Submitted Version:/home/me/Zotero/storage/7T8RDXXF/Rossow et al. - 2013 - SoK P2PWNED - Modeling and Evaluating the Resilie.pdf:application/pdf}
}
@inproceedings{bib:antonakakis_dga_2012,
author = {Manos Antonakakis and Roberto Perdisci and Yacin Nadji and Nikolaos Vasiloglou and Saeed Abu-Nimeh and Wenke Lee and David Dagon},
title = {From {Throw-Away} Traffic to Bots: Detecting the Rise of {DGA-Based} Malware},
abstract = {Computer criminals regularly construct large distributed attack networks comprised of many thousands of compromised computers around the globe. Once constituted, these attack networks are used to perform computer crimes, creating yet other sets of victims of secondary computer crimes, such as denial of service attacks, spam delivery, theft of personal and financial information for performing fraud, exfiltration of proprietary information for competitive advantage (industrial espionage), etc.The arms race between criminal actors who create and operate botnets and the computer security industry and research community who are actively trying to take these botnets down is escalating in aggressiveness. As the sophistication level of botnet engineering and operations increases, so does the demand on reverse engineering, understanding weaknesses in design that can be exploited on the defensive (or counter-offensive) side, and the possibility that actions to take down or eradicate the botnet may cause unintended consequences.},
booktitle = {Proceedings of the 5th USENIX Conference on Large-Scale Exploits and Emergent Threats},
