A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
Inference and analysis of formal models of botnet command and control protocols
2010
Proceedings of the 17th ACM conference on Computer and communications security - CCS '10
We propose a novel approach to infer protocol state machines in the realistic high-latency network setting, and apply it to the analysis of botnet Command and Control (C&C) protocols. Our proposed techniques enable an order of magnitude reduction in the number of queries and time needed to learn a botnet C&C protocol compared to classic algorithms (from days to hours for inferring the MegaD C&C protocol). We also show that the computed protocol state machines enable formal analysis for botnet
doi:10.1145/1866307.1866355
dblp:conf/ccs/ChocSS10
fatcat:sj4uh3bjfrdl3oeh4jlgk6ev3e