Behavioral Patterns of Fast Flux Service Networks

Alper Caglayan, Mike Toothaker, Dan Drapaeau, Dustin Burke, Gerry Eaton
2010 2010 43rd Hawaii International Conference on System Sciences  
We present behavioral pattern analysis of fast flux service networks (FFSNs) using our database of FFSNs collected over a period of 12 months with our real-time fast flux network detection algorithm [1] . FFSNs exploit a network of compromised machines (zombies) for illegal activities such as spam campaigns, phishing scams and malware delivery using DNS record manipulation techniques. Our results, which build upon our analysis results [2] , show that such networks share common lifecycle
more » ... n lifecycle characteristics, and form clusters based on size, growth and type of malicious behavior. In particular, we introduce a social network connectivity metric, and show that (Command and Control and phishing), (malware and spam botnets) have similar scores with this metric.
doi:10.1109/hicss.2010.81 dblp:conf/hicss/CaglayanTDBE10 fatcat:gt2fzregu5aybcpf2gukky2kqy